Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
WordPress Plugin 'Easy WP SMTP' Unauthenticated Email Exposer
BELL-CVE-2026-31558
Summary
An unpatched vulnerability in the 'Easy WP SMTP' plugin for WordPress allows attackers to view email addresses of website administrators. This could lead to phishing attacks or spam. Update the plugin to the latest version to fix the issue.
What to do
- Update bellsoft linux-lts to version 6.12.80-r0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Alpaquita:25 | bellsoft | linux-lts |
>= 6.12.74-r0, < 6.12.80-r0 Fix: upgrade to 6.12.80-r0
|
| Alpaquita:stream | bellsoft | linux-lts |
>= 6.12.76-r0, < 6.12.80-r0 Fix: upgrade to 6.12.80-r0
|
Original title
BELL-CVE-2026-31558
osv CVSS3.1
8.8
- https://docs.bell-sw.com/security/cves/CVE-2026-31558 Vendor Advisory
Published: 3 May 2026 · Updated: 6 May 2026 · First seen: 6 May 2026