The SendPress Newsletters plugin for WordPress is vulnerable to unauthorized change. This means that attackers who are not authorized could run the plugin’s cron function in versions up to 1.22.3.31. This can happen because the plugin does not check if the user is allowed to make changes.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
