Vulnerabilities > Pressified
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-47517 | Cross-site Scripting vulnerability in Pressified Sendpress Unauth. | 6.1 |
| 2023-11-07 | CVE-2023-5660 | Cross-site Scripting vulnerability in Pressified Sendpress The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2023-10-10 | CVE-2023-41730 | Unspecified vulnerability in Pressified Sendpress Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions. | 8.8 |
| 2023-10-02 | CVE-2023-41729 | Unspecified vulnerability in Pressified Sendpress Auth. | 4.8 |
| 2019-09-26 | CVE-2015-9448 | SQL Injection vulnerability in Pressified Sendpress The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter. | 8.8 |