PatchSiren

WPExperts CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH WPExperts CVE published 2026-06-15

CVE-2026-48838

CVE-2026-48838 is a high-severity Unauthenticated Cross Site Scripting (XSS) vulnerability in the Post SMTP plugin versions <= 3.6.2. The vulnerability has a CVSS score of 7.1 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-48838).