Title: vulnerability Last modified: December 1, 2022 --- # vulnerability * Resolved [diamondtheta](https://wordpress.org/support/users/diamondtheta/) * (@diamondtheta) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/) * Hello! * My hostโ€™s WP toolkit detected this on nov 30.: โ€ WordPress Easy WP SMTP plugin <= 1.5.1 โ€“ Auth. Remote Code Execution (RCE) vulnerability โ€ Could you fix this issue please? * Thanks much! Viewing 6 replies - 1 through 6 (of 6 total) * [mbrsolution](https://wordpress.org/support/users/mbrsolution/) * (@mbrsolution) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16251142) * Hi, can you update the plugin to the latest version 1.5.2? Let me know if you still receive the same vulnerability? * Thank you. * Thread Starter [diamondtheta](https://wordpress.org/support/users/diamondtheta/) * (@diamondtheta) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16251739) * I updated to 1.5.2, but in the 1.5.2 changelog you do not wrote any vulnerability fix ๐Ÿ™ * And I donโ€™t know how WP toolkit works, so I donโ€™t know how can I force WP toolkit to check it again ๐Ÿ™ * Do you? * Maybe it only checks once a month automatically or they send it manually after manual cheks, donโ€™t know ๐Ÿ™ * So you too do not know what was WP toolkit discovered exactly? ๐Ÿ™ * WP toolkit is surely not in my wordpress (so it is not a wordpress plugin of mine), and it seems to be a cPanel extension from my host, because it surely have been sent from my hosts email with cpanel logo. This is why I am not familiar with it ๐Ÿ™‚ * [mbrsolution](https://wordpress.org/support/users/mbrsolution/) * (@mbrsolution) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16253503) * Hi, I checked our plugin using the following URL and there is no vulnerability reported on our plugin. * [https://plugintests.com/](https://plugintests.com/) * Kind regards. * Thread Starter [diamondtheta](https://wordpress.org/support/users/diamondtheta/) * (@diamondtheta) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16254975) * Yes, for the latest version I found out that WP toolkit also writes that it is ok. * And [https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-remote-code-execution-rce-vulnerability?_a_id=110](https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-remote-code-execution-rce-vulnerability?_a_id=110) * wrote: โ€œThis vulnerability has been fixed in version 1.5.2. โ€ ๐Ÿ™‚ Thanks! * [mbrsolution](https://wordpress.org/support/users/mbrsolution/) * (@mbrsolution) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16256461) * That is great to know ๐Ÿ™‚ I am marking this thread as resolved. * Thank you. * Thread Starter [diamondtheta](https://wordpress.org/support/users/diamondtheta/) * (@diamondtheta) * [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16256805) * ok ๐Ÿ™‚ * Maybe the vulneraility was in the export-import function what you have removed in 1.5.2. Viewing 6 replies - 1 through 6 (of 6 total) The topic โ€˜vulnerabilityโ€™ is closed to new replies. * ![](https://ps.w.org/easy-wp-smtp/assets/icon.svg?rev=3158017) * [Easy WP SMTP โ€“ WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more](https://wordpress.org/plugins/easy-wp-smtp/) * [Frequently Asked Questions](https://wordpress.org/plugins/easy-wp-smtp/#faq) * [Support Threads](https://wordpress.org/support/plugin/easy-wp-smtp/) * [Active Topics](https://wordpress.org/support/plugin/easy-wp-smtp/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/easy-wp-smtp/unresolved/) * [Reviews](https://wordpress.org/support/plugin/easy-wp-smtp/reviews/) * 10 replies * 2 participants * Last reply from: [diamondtheta](https://wordpress.org/support/users/diamondtheta/) * Last activity: [3 years, 6 months ago](https://wordpress.org/support/topic/vulnerability-53/#post-16256805) * Status: resolved