Sendy Email Marketing Software: Unauthorized Access Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Sendy Email Marketing Software: Unauthorized Access Risk

CVE-2025-68564

Summary

A security weakness in Sendy's access control system allows unauthorized users to access sensitive features and data. This issue affects Sendy versions up to 3.4.2. To fix, update Sendy to the latest version or adjust access control settings to ensure proper authorization.

Original title

Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through <= 3.4.2.

Original description

Missing Authorization vulnerability in sendy Sendy sendy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendy: from n/a through <= 3.4.2.

nvd CVSS3.1 6.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/sendy/vulnerability/wordpress-s...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026