GCVE - cpe:2.3:a:smackcoders:sendgrid_for_wordpress:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:smackcoders:sendgrid_for_wordpress:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Smackcoders (`e878c6d9-526e-5971-b31d-cb731330415c`)
Product	Sendgrid For Wordpress (`10a01b61-498f-5485-86f0-a9241b55c1a2`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-23423`	vulnerable	2026-06-03 14:59:42.503855	WordPress SendGrid for WordPress plugin <= 1.4 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in Smackcoders Inc., SendGrid for WordPress wp-sendgrid-mailer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SendGrid for WordPress: from n/a through <= 1.4. Published: 2025-01-16T20:05:46.387Z Updated: 2026-04-28T16:11:08.189Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/wp-sendgrid-mailer/vulnerability/wordpress-sendgrid-for-wordpress-plugin-1-4-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-9364`	vulnerable	2026-06-03 14:58:21.085922	SendGrid for WordPress <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log Deletion MEDIUM (4.3) The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's log files. Published: 2024-10-18T04:32:55.748Z Updated: 2026-04-08T17:18:30.118Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/bb7d99a7-1e7d-43e1-839c-286b454c8276?source=cve https://plugins.svn.wordpress.org/wp-sendgrid-mailer/tags/1.4/wp-sendgrid-mailer.php https://plugins.trac.wordpress.org/browser/wp-sendgrid-mailer/trunk/wp-sendgrid-mailer.php#L167	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43965`	vulnerable	2026-06-03 14:56:47.141316	WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability HIGH (8.2) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4. Published: 2024-08-29T15:23:12.823Z Updated: 2026-04-28T16:10:14.548Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/wp-sendgrid-mailer/wordpress-sendgrid-for-wordpress-plugin-1-4-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.