CVE Catalog

CVE-2026-24547

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

12th percentile — higher than 12% of all known CVEs

Summary

The vulnerability in SiteGround Email Marketing plugin versions up to 1.7.5 allows unauthenticated attackers to bypass access control. Lack of required authentication enables unauthorized operations on plugin resources.

Risk Assessment

An unauthenticated attacker can gain unauthorized access to administrative functions of the plugin, potentially leading to data leakage or configuration modification.

Recommendation

Immediately update the SiteGround Email Marketing plugin to version 1.7.6 or later, which contains a fix for the vulnerability.

Original NVD description (English source)

Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS