Vulnerability WPO365 | […] MAILER <= 3.2

At WPO365, your security is prioritized. If you haven’t updated the WPO365 | MICROSOFT GRAPH MAILER plugin to the latest version 3.3, please do so immediately. Versions up to and including 3.2 are vulnerable to an Open Redirect issue due to inadequate validation of the ‘redirect_to’ parameter. This flaw could enable a remote attacker to conduct phishing attacks and potentially steal sensitive information under specific conditions:

Remote attackers can successfully trick website users into performing an action (e.g. click on a link).
The plugin is activated but not configured.

See the following thread-information published by Wordfence.

Latest News

Azure AD B2B user flow for Google users for WordPress

September 23, 2021

Latest News

Vulnerability WPO365 | […] MAILER <= 3.2

At WPO365, your security is prioritized. If you haven’t updated the WPO365 | MICROSOFT GRAPH MAILER plugin to the latest [...]

Send WP emails from a personal Microsoft account

WPO365’s Mailer for Microsoft Graph has been updated and now lets you send WordPress emails from a personal Microsoft account [...]

View all Latest News

Blog

WP Engine: Staging to production

After receiving numerous inquiries from customers using WP Engine‘s hosting platform about staging site deployments, I decided to explore the [...]

Customize your login button

The “Sign in with Microsoft” login button that is displayed on the (default) WordPress login page can now be customized [...]

View all Articles

Vulnerability WPO365 | […] MAILER <= 3.2

Latest News

Latest Articles

Latest News

Vulnerability WPO365 | […] MAILER <= 3.2

Send WP emails from a personal Microsoft account

Blog

WP Engine: Staging to production

Customize your login button