Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pressified sendpress vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2015-9448
The sendpress plugin prior to 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
Pressified Sendpress
NA
CVE-2023-5660
The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it pos...
Pressified Sendpress
NA
CVE-2023-47517
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.
Pressified Sendpress
NA
CVE-2023-41729
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.
Pressified Sendpress
NA
CVE-2023-41730
Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.
Pressified Sendpress
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started