CVE-2026-6235
Authorization Bypass in Sendmachine Plugin Allows SMTP Hijacking
Publication date: 2026-04-22
Last updated on: 2026-04-22
Assigner: Wordfence
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sendmachine | sendmachine | all versions up to and including 1.0.20 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
The Sendmachine for WordPress plugin is vulnerable to an authorization bypass in the 'manage_admin_requests' function in all versions up to and including 1.0.20. The flaw exists because the plugin does not verify that the requesting user is authorized to perform the administrative actions this function handles. As a result, unauthenticated attackers can overwrite the plugin's SMTP configuration, which lets them intercept all outbound email from the affected WordPress site, including sensitive messages such as password resets.
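The missing-authorization pattern (CWE-862) described above, shown beside its hardened form. This is an added illustration, not the Sendmachine plugin's source; the action names, option name, and function names are assumptions.

```php
<?php
// Hypothetical WordPress AJAX handler that stores SMTP settings.
// Names below are placeholders, not the plugin's real identifiers.

// VULNERABLE PATTERN: reachable by visitors who are not logged in
// (wp_ajax_nopriv_) and writes the settings with no capability or
// nonce check, so any visitor can repoint outbound mail.
add_action( 'wp_ajax_nopriv_example_smtp_save_v1', 'example_smtp_save_vulnerable' );
add_action( 'wp_ajax_example_smtp_save_v1', 'example_smtp_save_vulnerable' );
function example_smtp_save_vulnerable() {
    update_option( 'example_smtp_settings', wp_unslash( $_POST['smtp'] ) );
    wp_send_json_success();
}

// HARDENED PATTERN: logged-in route only, explicit capability check,
// CSRF nonce check, and the settings are sanitized before storage.
add_action( 'wp_ajax_example_smtp_save', 'example_smtp_save_hardened' );
function example_smtp_save_hardened() {
    // Only administrators may change how the site sends mail.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // Reject requests that did not come from the plugin's own settings form
    // (the form must embed wp_create_nonce( 'example_smtp_save' ) as 'nonce').
    check_ajax_referer( 'example_smtp_save', 'nonce' );

    $in = ( isset( $_POST['smtp'] ) && is_array( $_POST['smtp'] ) )
        ? wp_unslash( $_POST['smtp'] )
        : array();
    $settings = array(
        'host'     => sanitize_text_field( $in['host'] ?? '' ),
        'port'     => absint( $in['port'] ?? 587 ),
        'username' => sanitize_text_field( $in['username'] ?? '' ),
        'password' => (string) ( $in['password'] ?? '' ),
    );
    update_option( 'example_smtp_settings', $settings );
    wp_send_json_success();
}
```

When auditing a plugin for this class of bug, look for every `wp_ajax_nopriv_` or `admin_post_nopriv_` registration and for handlers that call `update_option` without a preceding `current_user_can` check.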
How can this vulnerability impact me?
This vulnerability can have severe impact, including unauthorized interception of all outbound email from your WordPress site. Attackers can capture sensitive information contained in that email, such as password reset links, potentially leading to account compromise. It can also lead to a complete compromise of the confidentiality, integrity, and availability of your email communications, as reflected in the high CVSS score of 9.8.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows unauthenticated attackers to overwrite the plugin's SMTP configuration and intercept all outbound email from the site, including sensitive communications such as password reset messages. Such unauthorized interception and potential exposure of sensitive user information can lead to violations of data protection regulations like GDPR and HIPAA, which require personal and health information to be protected against unauthorized access. Exploitation of this vulnerability could therefore result in non-compliance with these standards because the confidentiality and integrity of user data sent by email would be compromised.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability exists in all versions of the Sendmachine for WordPress plugin up to and including 1.0.20 due to improper authorization checks in the 'manage_admin_requests' function. To mitigate it immediately, update the Sendmachine plugin to a version later than 1.0.20 in which the issue is fixed. Additionally, review and reset your SMTP configuration settings to ensure they have not been tampered with, since attackers could already have overwritten them to intercept outbound email. Monitor your site for suspicious activity related to email sending, and consider temporarily disabling the plugin if an update is not immediately available.