3 matches found
CVE-2024-9364
creationtimestamp| type| source ---|---|--- 2024-10-18 07:42:49+00:00| seen| https://t.me/cvedetector/8281...
CVE-2024-9364 SendGrid for WordPress <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log Deletion
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpmailplusclearlogs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above,...
WordPress SendGrid for WordPress Plugin <= 1.4 is vulnerable to Broken Access Control
Software SendGrid for WordPress Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9364 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 76fcf6135efb Credits Nishiv Required privilege...