cleantalk
Vulnerabilities and Security Researches

TelSender – Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce, 7d9d8268f23f57867d0b85ff74fa4663e9384959

CVE, Research URL

7d9d8268f23f57867d0b85ff74fa4663e9384959

Home page URL

Security reports for TelSender – Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce

Application

TelSender – Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce

Published on
Sep 04, 2023
Research Description
TelSender &#8211; Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce [telsender] < 1.14.12 WordPress TelSender Plugin <= 1.14.7 is vulnerable to Broken Access Control No patched version is available. No reply from the vendor. Abdi Pranata discovered and reported this Broken Access Control vulnerability in WordPress TelSender Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.14.12.
Status
vulnerable
Previous vulnerability researches
TelSender &#8211; Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce (064e9b811efe47de47856256d48e5f52f3b89f04) , Jun 16, 2026
TelSender &#8211; Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce (CVE-2023-41683) , Jun 10, 2024
TelSender &#8211; Wp to telegram СF 7, Events, Wpforms, Ninja forms, Wooccommerce (7d9d8268f23f57867d0b85ff74fa4663e9384959) , Jun 06, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026