Acute security vulnerability in the Post SMTP plugin

A programmer discovered a vulnerability in the plugin that allowed even users with minimal rights – such as subscribers – to gain access to all sent emails. Particularly dangerous: with relatively little effort, they could also intercept password reset emails for any account and thus take over administrator rights. The result: your entire site could be taken over.

The development team behind the plugin acted promptly. Within three days, a patch was released, and the vulnerability was officially closed with version 3.3.0. Sounds like the all-clear? Unfortunately, that's not the case.
Many sites are still unprotected!
This is because only around 49% of active users have installed the update. Almost 100,000 websites are still running extremely outdated versions (2.x.x) and are therefore vulnerable to several known vulnerabilities.

We will check immediately whether you are affected.
If so, we will immediately perform the update and test the site and its functions once it is complete.
Now is also a good time to rethink your entire security strategy. Protective measures such as IP restrictions for the backend, multi-factor authentication and regular decluttering of plugins and themes help to minimise vulnerabilities.
We proactively monitor your site and servers – because patches are essential, but additional protection is invaluable.

Conclusion: Anyone who runs their WordPress site with Post SMTP must act now. Updates are mandatory, and additional protective measures are highly recommended. Solve the problem quickly and easily with DRIVE!