CVE-2024-9364

The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpmailplusclearlogs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above,...

CVE-2024-9364

The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpmailplusclearlogs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above,...

CVE-2024-9364 SendGrid for WordPress <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log Deletion

The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpmailplusclearlogs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above,...

CVE-2024-9364 SendGrid for WordPress <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log Deletion

The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpmailplusclearlogs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above,...

CVE-2024-9364

CVE-2024-9364 affects the SendGrid for WordPress plugin for WordPress (all versions

WordPress plugin SendGrid for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress SendGrid for WordPress plugin <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Log Deletion vulnerability discovered by Nishiv in WordPress Plugin SendGrid for WordPress versions = 1.4...

PT-2024-39596 · WordPress · Sendgrid For Wordpress

Name of the Vulnerable Software and Affected Versions: SendGrid for WordPress plugin versions up to, and including, 1.4 Description: The issue is related to a missing capability check on the wp mailplus clear logs function, which allows authenticated attackers with Subscriber-level access and abo...

WordPress SendGrid for WordPress Plugin <= 1.4 is vulnerable to Broken Access Control

Software SendGrid for WordPress Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9364 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 76fcf6135efb Credits Nishiv Required privilege...

Exploit for SQL Injection in Smackcoders Sendgrid

CVE-2024-43965 SendGrid for WordPress = 1.4 - Unauthentica...

CVE-2024-43965

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4...

CVE-2024-43965

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4...

CVE-2024-43965 WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4...

CVE-2024-43965 WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4...

CVE-2024-43965

CVE-2024-43965 : An SQL injection in Smackcoders SendGrid for WordPress (wp-sendgrid-mailer) affects WordPress plugin versions up to 1.4. Root cause: improper neutralization/escaping of user input in SQL queries. Impact per sources ranges from data disclosure to potential data modification under ...

WordPress plugin SendGrid for WordPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin SendGrid for WordPress versions = 1.4...

WordPress SendGrid for WordPress Plugin <= 1.4 is vulnerable to SQL Injection

Software SendGrid for WordPress Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43965 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 897d693aed88 Credits Ananda Dhakal Patchstack Required privilege...

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs...

Androxgh0st Malware Uses Stealthy Tactics in Pilfering Credentials

Summary: The Androxgh0st malware is building a botnet, specifically aimed at illicitly obtaining cloud credentials from popular applications such as Amazon Web Services AWS, Microsoft Office 365, SendGrid, and Twilio. This stolen data is then utilized to disseminate additional harmful payloads...