[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f6cYMYPKbaEUi5B6-Rlke3bkiV5P9KiEaX3fVINaHBfY":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":9,"severity":11,"cvss_score":12,"cvss_vector":13,"vuln_type":14,"published_date":15,"updated_date":16,"references":17,"days_to_patch":9},"CVE-2023-35040","sendpress-newsletters-missing-authorization","SendPress Newsletters \u003C= 1.23.11.6 - Missing Authorization","The SendPress Newsletters plugin for WordPress is vulnerable to unauthorized modification of due to a missing capability check on multiple REST routes that initiate cron execution in versions up to, and including, 1.23.11.6. This makes it possible for unauthenticated attackers to run the plugin's cron function.","sendpress",null,"\u003C=1.23.11.6","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2023-08-11 00:00:00","2024-01-22 19:56:02",[18],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff03dfbd4-b34a-46ab-b8aa-e37fb0321e8e?source=api-prod"]