Smackcoders Sendgrid For Wordpress vulnerabilities
2 known vulnerabilities affecting smackcoders/sendgrid_for_wordpress.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-43965P2CRITICALCVSS 9.8PoC≥ n/a, ≤ 1.42024-08-29
CVE-2024-43965 [CRITICAL] CWE-89 CVE-2024-43965: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4.
nvd
CVE-2024-9364P4MEDIUMCVSS 4.3≤ 1.42024-10-18
CVE-2024-9364 [MEDIUM] CWE-862 CVE-2024-9364: The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's log files.
nvd