CVE Catalog
CVE-2026-24547
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk0.21%
12th percentile — higher than 12% of all known CVEs
Summary
The vulnerability in SiteGround Email Marketing plugin versions up to 1.7.5 allows unauthenticated attackers to bypass access control. Lack of required authentication enables unauthorized operations on plugin resources.
Risk Assessment
An unauthenticated attacker can gain unauthorized access to administrative functions of the plugin, potentially leading to data leakage or configuration modification.
Recommendation
Immediately update the SiteGround Email Marketing plugin to version 1.7.6 or later, which contains a fix for the vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.

