On November 6th, 2019, Detectify integrated security tests for over 50 popular WordPress plugins, including Easy-WP-SMTP, to identify vulnerabilities such as the Sensitive Data Exposure flaw (CVE-2020-35234), which affects versions 1.4.2 and earlier, though many installations remain unpatched despite a fix being available. This vulnerability allows attackers to exploit unsecured log files to reset the WordPress Administrator password, potentially leading to Remote Code Execution (RCE) by installing malicious plugins or modifying themes. Detectify's continuous web scanning service, capable of detecting over 2000 known vulnerabilities including those in WordPress plugins, has updated its tools to provide more information to users about this specific threat, urging them to update to Easy-WP-SMTP version 1.4.4 and to scrutinize all plugins for similar security risks.