YaySMTP and Email Logs: Amazon SES, SendGrid, Outlook, Mailgun, Brevo, Google and Any SMTP Service

Vulnerabilities 9Slug yaysmtpLatest version 2.7.4WordPress.org →

Minimum safe version

2.6.7

Update to 2.6.7 or later to address 9 fixable vulnerabilities

Latest available2.7.4 ✓

N/A

2025-06-27< 2.6.7

CVE-2025-53256

High 7.6

2025-05-07< 2.6.5

CVE-2025-47587

High 7.2

2025-02-19≥ 2.4.9 and < 2.6.4

WordPress YaySMTP Plugin 2.4.9-2.6.2 is vulnerable to Cross Site Scripting (XSS)

Medium 6.1

2023-07-12< 2.4.6

CVE-2023-3093

Medium 4.8

2022-08-08< 2.2.2

CVE-2022-2372

Medium 5.4

2022-08-08< 2.2.1

CVE-2022-2371

N/A

2022-07-14< 2.2.2

WordPress YaySMTP – Simple WP SMTP Mail plugin <= 2.2.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Medium 6.5

2022-08-01< 2.2.1

CVE-2022-2370

Medium 4.3

2022-08-01< 2.2.1

CVE-2022-2369