Описание
The SendGrid WordPress plugin is vulnerable to authorization bypass via the get_ajax_statistics function found in the ~/lib/class-sendgrid-statistics.php file which allows authenticated users to export statistic for a WordPress multi-site main site, in versions up to and including 1.11.8.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.11.8 (включая)
cpe:2.3:a:sendgrid:sendgrid:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 45%
0.00229
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-862
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
The SendGrid WordPress plugin is vulnerable to authorization bypass via the get_ajax_statistics function found in the ~/lib/class-sendgrid-statistics.php file which allows authenticated users to export statistic for a WordPress multi-site main site, in versions up to and including 1.11.8.
EPSS
Процентиль: 45%
0.00229
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-862
NVD-CWE-noinfo