CVE-2026-6235 | Sendmachine for WordPress Plugin up to 1.0.20 on WordPress Password Reset manage_admin_requests authorization

A vulnerability was found in Sendmachine for WordPress Plugin up to 1.0.20 on WordPress. It has been classified as critical. Impacted is the function manage_admin_requests of the component Password Reset Handler. This manipulation causes missing authorization.

This vulnerability is registered as CVE-2026-6235. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More