39 matches found
CVE-2025-68564
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through = 3.4.2...
CVE-2025-68564
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through = 3.4.2...
CVE-2025-68564
CVE-2025-68564 concerns WordPress plugin Sendy (versions up to 3.4.2) with a Missing Authorization/Broken Access Control issue. Public sources collectively describe an access-control misconfiguration that could allow unauthorized actions by an attacker over the network. The CVSS 3.1 vector (AV:N/...
CVE-2025-68564 WordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through = 3.4.2...
CVE-2025-68564 WordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through = 3.4.2...
WordPress plugin Sendy 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-21100
Name of the Vulnerable Software and Affected Versions Sendy versions through 3.4.2 Description An authorization issue exists in Sendy that allows exploitation of incorrectly configured access control security levels. Recommendations Update Sendy to a version later than 3.4.2...
WordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Sendy versions = 3.4.2...
EUVD-2014-1043
Malware in sbrugna...
EUVD-2014-1042
Malware in sbrugna...
CVE-2014-100012
SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter...
WordPress Multilist Subscribe for Sendy Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Multilist Subscribe for Sendy Type Plugin Vulnerable versions = 1.6.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 92425a5d4204 Credits Rafie Muhammad...
Multilist Subscribe for Sendy <= 1.6.1 - Subscriber+ Arbitrary Options Update
The plugin is using an outdated version of the Freemius library 1.2.2.9, which is known to be affected by a security issue allowing any authenticated users, such as subscriber to set arbitrary blog options PoC As any authenticated user: Enable new user registrations:...
WordPress Multilist Subscribe for Sendy plugin <= 1.6.1 - Subscriber+ Arbitrary Options Update vulnerability
Subscriber+ Arbitrary Options Update vulnerability discovered by 0xdecafbad in WordPress Multilist Subscribe for Sendy plugin versions = 1.6.1. Solution Deactivate and delete. This plugin has been closed as of February 1, 2022 and is not available for download. This closure is temporary, pending ...
Multilist Subscribe for Sendy <= 1.6.1 - Subscriber+ Arbitrary Options Update
The plugin is using an outdated version of the Freemius library 1.2.2.9, which is known to be affected by a security issue allowing any authenticated users, such as subscriber to set arbitrary blog options As any authenticated user: Enable new user registrations:...
WordPress Multilist Subscribe for Sendy plugin <= 1.6.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Multilist Subscribe for Sendy plugin versions = 1.6.1. Solution No patched version available...
WordPress Multilist Subscribe for Sendy plugin <= 1.6.1 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Multilist Subscribe for Sendy plugin versions = 1.6.1. Solution No patched version available...
Sendy 2.0.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications Title : Sendy 2.0.1 - Multiple Vulnerabilities Author : ZwX Vendor Homepage: http://sendy.co/ Software Link: http://sendy.co/ Tested on : Windows 7 ------------------------------ ! SQL Injection Exploit ! ------------------------------...
CVE-2014-100012
SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter...
Sql injection
SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter...