cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-1589,https://securityvulnerability.io/vulnerability/CVE-2024-1589,Unfiltered HTML Settings Vulnerability in SendPress Newsletters WordPress Plugin,"The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",Wordpress,Sendpress Newsletters,,,0.0004299999854993075,false,,false,false,true,true,false,false,2024-04-08T05:00:01.961Z,0
CVE-2024-1588,https://securityvulnerability.io/vulnerability/CVE-2024-1588,Unfiltered HTML Settings Vulnerability in SendPress Newsletters WordPress Plugin,"The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",Wordpress,Sendpress Newsletters,,,0.0004299999854993075,false,,false,false,true,true,false,false,2024-04-08T05:00:01.486Z,0
CVE-2023-5660,https://securityvulnerability.io/vulnerability/CVE-2023-5660,Stored Cross-Site Scripting in SendPress Newsletters Plugin for WordPress,"The SendPress Newsletters plugin for WordPress suffers from a Stored Cross-Site Scripting vulnerability due to inadequate input validation and output sanitization on user-supplied attributes within its shortcode. This flaw allows authenticated attackers with contributor-level permissions or higher to inject and execute arbitrary scripts within pages accessed by users. As a result, this could lead to severe security issues, including session hijacking or unwarranted actions performed on behalf of users.",Wordpress,SendPress Newsletters,5.4,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2023-11-07T12:15:00.000Z,0