All 7 CVE vulnerabilities found in SendPress Newsletters, with AI-generated Chinese analysis, references, and POCs.
Vendor: brewlabs
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2023-35040 | WordPress SendPress Newsletters plugin <= 1.26.1.20 - Broken Access Control vulnerability CWE-862 | 5.3 | Medium | 2024-06-13 |
| CVE-2024-1589 | SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Form Settings | 4.8AI | MediumAI | 2024-04-08 |
| CVE-2024-1588 | SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Settings | 4.8AI | MediumAI | 2024-04-08 |
| CVE-2023-47517 | WordPress SendPress Newsletters plugin <= 1.23.11.6 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 | 7.1 | High | 2023-11-14 |
| CVE-2023-5660 | SendPress Newsletters <= 1.22.3.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 | 6.4 | Medium | 2023-11-07 |
| CVE-2023-41730 | WordPress SendPress Newsletters plugin <= 1.26.1.20 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 4.3 | Medium | 2023-10-10 |
| CVE-2023-41729 | WordPress SendPress Newsletters plugin <= 1.26.1.20 - Cross Site Scripting (XSS) vulnerability CWE-79 | 5.9 | Medium | 2023-10-02 |
All 7 known CVE vulnerabilities affecting SendPress Newsletters with full Chinese analysis, references, and POCs where available.