Every CVE whose affected-product data names Pressified Sendpress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2015-9448 — CVSS 8.8 (high): The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
CVE-2024-1588 — CVSS 6.8 (medium): The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high…
CVE-2023-5660 — CVSS 6.4 (medium): The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions…
CVE-2024-1589 — CVSS 6.1 (medium): The SendPress Newsletters WordPress plugin through 1.23.11.6 does not sanitise and escape some of its settings, which could allow high…