Vulnerabilities and security researches forofficial-sendle-shipping-method official-sendle-shipping-method

Jun 07, 2024

CVE, Research URL: CVE-2023-45761
Home page URL: Security reports for Sendle Shipping Plugin
Application: Sendle Shipping Plugin
Date: Oct 25, 2023
Research Description: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Joovii Sendle Shipping Plugin plugin <= 5.13 versions.
Affected versions: max 5.18.
Status: vulnerable

Oct 11, 2025

CVE, Research URL: CVE-2025-60139
Home page URL: Security reports for Sendle Shipping Plugin
Application: Sendle Shipping Plugin
Date: Sep 26, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Joovii Sendle Shipping allows Cross Site Request Forgery. This issue affects Sendle Shipping: from n/a through 6.02.
Affected versions: max 6.02.
Status: vulnerable

Nov 10, 2025

CVE, Research URL: CVE-2025-62976
Home page URL: Security reports for Sendle Shipping Plugin
Application: Sendle Shipping Plugin
Date: Oct 27, 2025
Research Description: Missing Authorization vulnerability in Joovii Sendle Shipping official-sendle-shipping-method allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Sendle Shipping: from n/a through <= 6.02.
Affected versions: max 6.02.
Status: vulnerable