CVE-2023-41729

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-41729

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-41729.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-41729

Published

2023-10-02T07:39:34.189Z

Modified

2026-05-28T04:09:03.423971629Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L CVSS Calculator

Summary

WordPress SendPress Newsletters Plugin <= 1.22.3.31 is vulnerable to Cross Site Scripting (XSS)

Details

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.

Database specific

{
    "cna_assigner": "Patchstack",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/41xxx/CVE-2023-41729.json",
    "cwe_ids": [
        "CWE-79"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "last_affected": "1.22.3.31"
                }
            ]
        }
    ]
}

References

Affected packages

Git / github.com/brewlabs/sendpress

Affected ranges

Type

GIT

Repo

https://github.com/brewlabs/sendpress

Events

Introduced

Last affected

4579e28a830595d963c99085cb35f2e2ae55c0b7

Database specific

{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:pressified:sendpress:*:*:*:*:*:wordpress:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.22.3.31"
        }
    ]
}

Affected versions

0.*

0.8.8

0.8.8.1

0.9.2

0.9.2-Beta

0.9.2.1

0.9.3

0.9.3.1

0.9.3.2

0.9.3.3

0.9.3.4

0.9.4

0.9.4.2

0.9.4.3

0.9.4.5

0.9.4.6

0.9.4.7

0.9.5

0.9.5.1

0.9.5.2

0.9.6

0.9.6.1

0.9.6.2

0.9.6.3

0.9.6.4

0.9.7.1

0.9.7.2

0.9.7.3

0.9.8

0.9.8.1

0.9.8.2

0.9.8.3

0.9.8.4

0.9.8.5

0.9.8.6

0.9.8.7

0.9.9

0.9.9.1

0.9.9.2

0.9.9.3

0.9.9.4

0.9.9.5

0.9.9.6

0.9.9.7

0.9.9.8

0.9.9.9

0.9.9.9.1

0.9.9.9.2

0.9.9.9.3

0.9.9.9.4

0.9.9.9.5

0.9.9.9.6

0.9.9.9.7

0.9.9.9.8

0.9.9.9.9

1.*

1.0

1.0.2

1.0.3

1.0.9

1.1.2.11

1.1.2.22

1.1.2.24

1.1.3.10

1.1.3.10.1

1.1.4.2

1.1.4.21

1.1.4.22

1.1.4.3

1.1.5.4

1.1.7.14

1.1.7.21

1.10.3.28

1.10.4.10

1.10.5.19

1.10.6.11

1.10.6.18

1.10.8.14

1.10.9.23

1.2

1.2.1

1.2.10.10

1.2.10.12

1.2.10.6

1.2.10.6.1

1.2.7.26

1.2.7.27

1.2.7.29

1.2.8.10

1.2.8.13

1.2.8.16

1.2.8.28

1.2.8.3

1.2.9.13

1.2.9.9

1.20.1.7

1.20.10.6

1.20.2.20

1.20.3.17

1.20.3.19

1.20.4.13

1.20.6.08

1.20.7.10

1.20.7.13

1.20.8.21

1.21.4.5

1.22.1.20

1.22.2.18

1.22.3.14

1.22.3.31

1.5

1.5.11.9

1.5.12.13

1.5.12.20

1.6.1.20

1.6.2.22

1.7

1.7.10.12

1.7.10.13

1.7.11.14

1.7.11.22

1.7.12.1

1.7.12.15

1.7.12.7

1.7.3.19

1.7.4.13

1.7.4.20

1.7.4.27

1.7.5.2

1.7.5.24

1.7.9.19

1.8.10.26

1.8.11.2

1.8.11.25

1.8.11.5

1.8.12.18

1.8.5.24

1.8.5.31

1.8.6.16

1.8.7.10

1.8.7.10.1

1.8.8.14

1.8.9.27

1.9.10.15

1.9.10.5

1.9.11.15

1.9.11.16

1.9.11.26

1.9.2.22

1.9.2.23

1.9.2.23.1

1.9.2.26

1.9.3.19

1.9.3.21

1.9.3.28

1.9.3.29

1.9.3.29.1

1.9.3.5

1.9.5.10

1.9.6.19.1

1.9.6.20

1.9.6.26

1.9.7.13

1.9.7.17

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-41729.json"