CVE-2025-12887 is an authorization bypass vulnerability identified in the Post SMTP plugin for WordPress, a widely used tool that facilitates SMTP email delivery with features such as logs, alerts, backup SMTP, and mobile app integration. The flaw exists in all versions up to and including 3.6.1, specifically in the 'handle_gmail_oauth_redirect' function, where the plugin fails to properly verify that a user is authorized to update OAuth tokens. This improper authorization check allows any authenticated user with subscriber-level privileges or higher to inject invalid or attacker-controlled OAuth credentials. Since subscriber-level users typically have limited capabilities, this vulnerability escalates their ability to manipulate critical email configuration data. The impact primarily affects the integrity and availability of email services, as attackers could disrupt legitimate email flows or redirect emails through malicious accounts. The vulnerability has a CVSS v3.1 base score of 5.4, reflecting medium severity, with network attack vector, low attack complexity, and no user interaction required. No known exploits have been reported in the wild to date. The vulnerability is classified under CWE-862 (Missing Authorization), indicating a failure to enforce proper access controls. Post SMTP is popular among WordPress users globally, and this vulnerability could be leveraged in targeted attacks or as part of broader campaigns to compromise email infrastructure or conduct phishing. The lack of a patch at the time of reporting necessitates immediate mitigation steps.

For European organizations, the vulnerability poses a risk to the integrity and availability of email communications managed via WordPress sites using the Post SMTP plugin. Attackers with low-level authenticated access could manipulate OAuth tokens, potentially causing email delivery failures, interception, or redirection. This could disrupt business operations, damage reputation, and facilitate phishing or social engineering attacks by leveraging compromised email flows. Organizations relying on WordPress for customer communications, internal notifications, or marketing campaigns are particularly vulnerable. The impact is heightened in sectors with strict compliance requirements for email integrity, such as finance, healthcare, and government. Although confidentiality is not directly compromised, the downstream effects on trust and operational continuity can be significant. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers often develop exploits rapidly after disclosure.

1. Immediately restrict WordPress user roles to the minimum necessary privileges, ensuring that subscriber-level users cannot access or modify SMTP or OAuth settings. 2. Monitor and audit changes to OAuth tokens and SMTP configurations within WordPress, using logging plugins or SIEM integration to detect unauthorized modifications. 3. Implement Web Application Firewalls (WAF) with custom rules to detect and block suspicious requests targeting the 'handle_gmail_oauth_redirect' endpoint. 4. Educate administrators and users about the risks of unauthorized configuration changes and enforce strong authentication mechanisms for all WordPress accounts. 5. Regularly back up WordPress configurations and email settings to enable rapid restoration if compromise occurs. 6. Stay alert for official patches or updates from the plugin vendor and apply them promptly once released. 7. Consider temporarily disabling the Post SMTP plugin or switching to alternative secure SMTP plugins until a fix is available. 8. Conduct penetration testing and vulnerability assessments focusing on WordPress plugins to identify similar authorization issues proactively.