Rustaurius Ultimate Wp Mail

6 CVEs affecting Rustaurius Ultimate Wp Mail. Latest disclosed: 2025-09-22. Critical: 0, High: 3.

Top CVEs affecting Rustaurius Ultimate Wp Mail
CVESeverityScorePublishedSummary
CVE-2025-49288High8.82025-06-06Missing Authorization vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Authentication Bypass.This issue affects Ultimate WP Mail: from n/a…
CVE-2025-47490High8.52025-05-07Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows SQL I…
CVE-2025-6993High7.52025-07-16The Ultimate WP Mail plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the get_email_log_details() AJAX handler i…
CVE-2025-53454Medium6.52025-09-22Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Store…
CVE-2025-47466Medium5.42025-05-07Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Cross Site Request Forgery.This issue affects Ultimate W…
CVE-2025-32694Medium4.72025-04-09URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Phishing.This issue affects Ultimate W…