The POST SMTP Mailer WordPress plugin before 2.8.7 does not properly sanitise and escape several parameters before using them in SQL statements, leading to a SQL injection exploitable by high privilege users such as admin.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6620. Reason: This candidate is a reservation duplicate of CVE-2023-6620. Notes: All CVE users should reference CVE-2023-6620 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.