EUVD-2026-24700

The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manageadminrequests' function in all versions up to, and including, 1.0.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

CVE-2026-6235

The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manageadminrequests' function in all versions up to, and including, 1.0.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

WordPress Sendmachine for WordPress plugin <= 1.0.20 - Unauthenticated SMTP Hijack to Privilege Escalation vulnerability

Unauthenticated SMTP Hijack to Privilege Escalation vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Sendmachine for WordPress versions = 1.0.20...

CVE-2026-6235

Vulnerability overview: The Sendmachine for WordPress plugin (WordPress) is affected by an authorization bypass in the manage_admin_requests path for all versions up to 1.0.20, enabling unauthenticated attackers to overwrite the SMTP configuration and potentially intercept all outbound emails (in...

CVE-2026-6235

The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manageadminrequests' function in all versions up to, and including, 1.0.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

WordPress plugin Sendmachine for WordPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...