VYPR

Sendpress

by Pressified

Source repositories

CVEs (5)

  • CVE-2023-47517HigNov 14, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.

  • CVE-2023-41729MedOct 2, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.

  • CVE-2023-5660MedNov 7, 2023
    risk 0.35cvss 6.4epss 0.01

    The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

  • CVE-2023-35040MedJun 14, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6.

  • CVE-2023-41730MedOct 10, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.