Vulnerabilities (CVE)

Filtered by vendor Smackcoders Subscribe
Total 22 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-9364 1 Smackcoders 1 Sendgrid 2024-10-22 N/A 4.3 MEDIUM
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's log files.
CVE-2024-43965 1 Smackcoders 1 Sendgrid 2024-09-04 N/A 9.8 CRITICAL
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4.