Support » Plugin: WP Mail SMTP by WPForms » Overly permissive Google privileges

  • The only flaw which bothers me a lot is the fact that this plugin requests “read” permission from Gmail on integration process with G-Suite. I believe it’s not required and it’s against our privacy since our confidential data is being exposed. It also requires “permanently delete” permission which makes our inbox unsafe. I hope development team find a solution for this issue as soon as possible and come up with an update.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Jess Quig

    (@jquigam)

    Hi centision,

    In case it helps, I can share some extra details on these permissions.

    First, nothing in the plugin code either reads or deletes any emails. All of our code is open source both here on .org and on GitHub, in case it gives any extra peace of mind to review that.

    Next, the permissions required are partly for currently functionality and partly for future functionality plans. Because of how the API works, any future adjustments in permissions needed would cause issues for pre-existing users, however the end result would be the same (that users would end up needing to grant these permissions to continue using it). So rather than making adjustments later, our team felt it was more straightforward to be clear upfront.

    This way, anyone who would prefer not to grant these permissions for Google’s API can choose to use a different mailer right off the bat.

    I hope this helps!

    centision

    (@centision)

    @jquigam Thank you for your response. I’m not blaming your plugin for abusing, but I’m blaming it because of creating a vulnerability to be abused. The fact is that users are making their business g-suite accounts insecure by giving a full-access permission to their WP in their gmail app. That means, any code (plugins, etc.) installed on this WP or even hackers can abuse the situation, including: Accessing to confidential data, resetting passwords of internet accounts, deleting important data, etc. So it’s not limited to need of your plugin, but it’s a total security issue with the whole system which you can easily prevent. You know better that not all users are able to review all codes at each update, abusive codes can hide everywhere and things can happen out of sight. I have the same problem with all apps who gain access to the whole Google Drive even though they can restrict the access only to the files they create.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I’ve updated the title of this review once the coffee set in.

    This is a legitimate review and not a support request as I initially thought. That’s the reason I changed the review title. It is a security issue of a sorts but it’s not a vulnerability exactly.

    If the requested access from Google could be limited that would be good. This plugin should only request the minimum access needed to work.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this review.