Sendpress Sendpress Newsletters

4 CVEs affecting Sendpress Sendpress Newsletters. Latest disclosed: 2024-06-14. Critical: 0, High: 1.

Top CVEs affecting Sendpress Sendpress Newsletters
CVESeverityScorePublishedSummary
CVE-2023-47517High7.12023-11-14Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.23.11.6 versions.
CVE-2023-41729Medium5.92023-10-02Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.
CVE-2023-35040Medium5.32024-06-14Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6.
CVE-2023-41730Medium4.32023-10-10Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.