CVE-2026-6235
Sendmachine · Sendmachine for WordPress
The Sendmachine for WordPress plugin is vulnerable to an authorization bypass, allowing unauthenticated attackers to modify SMTP configurations.
Executive summary
An unauthenticated attacker can intercept site emails by exploiting an authorization bypass in the Sendmachine for WordPress plugin.
Vulnerability
The manage_admin_requests function lacks proper capability checks, enabling unauthenticated attackers to alter the plugin's SMTP settings.
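The following is an added, illustrative example of the vulnerability class described above (a WordPress request handler that changes plugin settings without an authorization check) beside its hardened form. It is not code from the Sendmachine plugin; the function names, the hook name, the nonce action and the option key are all hypothetical.

```php
<?php
// Illustrative hardening pattern for a WordPress admin-ajax settings handler.
// Hypothetical names throughout; this is NOT the Sendmachine plugin's code.

// Hypothetical option key under which the example stores SMTP settings.
const EXAMPLE_SMTP_OPTION = 'example_smtp_settings';

// Vulnerable pattern: the handler trusts any request that reaches it. If a
// plugin also registers it on a wp_ajax_nopriv_* hook, logged-out callers can
// overwrite the stored SMTP configuration.
function example_manage_admin_requests_vulnerable() {
    $settings = array(
        'host' => isset( $_POST['host'] ) ? $_POST['host'] : '',
        'port' => isset( $_POST['port'] ) ? $_POST['port'] : '',
        'user' => isset( $_POST['user'] ) ? $_POST['user'] : '',
        'pass' => isset( $_POST['pass'] ) ? $_POST['pass'] : '',
    );
    update_option( EXAMPLE_SMTP_OPTION, $settings ); // no capability or nonce check
    wp_send_json_success();
}

// Hardened pattern: require an authenticated caller holding the capability that
// governs site options, verify a nonce bound to this specific action, and
// sanitize every field before it is persisted.
function example_manage_admin_requests_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 ); // terminates the request
    }
    check_ajax_referer( 'example_smtp_save', 'nonce' ); // dies on an invalid nonce

    $settings = array(
        'host' => sanitize_text_field( wp_unslash( $_POST['host'] ?? '' ) ),
        'port' => absint( $_POST['port'] ?? 0 ),
        'user' => sanitize_text_field( wp_unslash( $_POST['user'] ?? '' ) ),
        'pass' => (string) wp_unslash( $_POST['pass'] ?? '' ),
    );
    update_option( EXAMPLE_SMTP_OPTION, $settings );
    wp_send_json_success();
}

// Register the handler only on the privileged hook. Without a matching
// wp_ajax_nopriv_* registration, unauthenticated requests never reach it,
// and the capability check above covers authenticated low-privilege users.
add_action( 'wp_ajax_example_smtp_save', 'example_manage_admin_requests_hardened' );
```

The nonce is issued to the settings page with wp_create_nonce( 'example_smtp_save' ) and sent back in the nonce field; the capability check is what actually closes the authorization gap, while the nonce defends the same endpoint against cross-site request forgery.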
Business impact
By hijacking the SMTP configuration, attackers can intercept sensitive communications, including password reset emails and authentication tokens, leading to potential account takeovers. With a CVSS score of 9.8, this vulnerability poses a severe threat to site security and user privacy.
Remediation
Immediate Action: Update to the latest version of the Sendmachine for WordPress plugin.
Proactive Monitoring: Monitor SMTP configuration settings and email logs for any unauthorized changes or unexpected email routing behavior.
Compensating Controls: Use a Web Application Firewall (WAF) to block unauthorized requests to administrative plugin endpoints until a patch is applied.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Site administrators should update the plugin immediately. Additionally, verify that current SMTP settings have not been tampered with and consider rotating credentials for any mail accounts previously configured in the plugin.