SendGrid · WordPress Sender Plugin · CVE-2021-34629
Name of the Vulnerable Software and Affected Versions:
SendGrid WordPress plugin versions up to and including 1.11.8
Description:
The issue allows authenticated users to bypass authorization and export statistics for a WordPress multi-site main site. The cause is a vulnerability in the `get_ajax_statistics` function in the `~/lib/class-sendgrid-statistics.php` file.
Recommendations:
If you run SendGrid WordPress plugin version 1.11.8 or earlier, update to a version later than 1.11.8 to resolve the issue. As a temporary workaround, consider restricting access to the `get_ajax_statistics` function to prevent unauthorized statistics exports.
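
One way to apply the temporary workaround, as an added example that is not the plugin's or SendGrid's own code: a must-use plugin that checks the caller before the plugin's AJAX handler runs. The AJAX action name is a placeholder to fill in from the installed plugin's source; the access policy (super admins on multisite, `manage_options` otherwise) and the `sg_stats_guard*` names are assumptions of this example.

```php
<?php
/**
 * Plugin Name: Restrict SendGrid statistics AJAX (temporary workaround)
 *
 * Added example. Save as a file under wp-content/mu-plugins/ so it loads
 * on every site in the network and cannot be deactivated from the dashboard.
 */
defined( 'ABSPATH' ) || exit;

// PLACEHOLDER (assumption): set this to the AJAX action that the installed
// plugin maps to get_ajax_statistics. Find it in the add_action( 'wp_ajax_...' )
// registration in lib/class-sendgrid-statistics.php.
const SG_STATS_AJAX_ACTION = 'REPLACE_WITH_PLUGIN_AJAX_ACTION';

/**
 * Policy of this example (an assumption, adjust to your site):
 * on multisite only network super admins may read the statistics,
 * on a single site only users holding manage_options.
 */
function sg_stats_guard_user_is_allowed() {
    if ( is_multisite() ) {
        return is_super_admin();
    }
    return current_user_can( 'manage_options' );
}

/**
 * Runs at priority 0, before the plugin's handler (default priority 10).
 * Unauthorized callers get HTTP 403 and the request ends here.
 */
function sg_stats_guard() {
    if ( sg_stats_guard_user_is_allowed() ) {
        return; // Authorized: fall through to the plugin's own handler.
    }
    // Leave a trace for later review of who attempted the export.
    error_log( sprintf(
        'Blocked AJAX action %s for user ID %d',
        SG_STATS_AJAX_ACTION,
        get_current_user_id()
    ) );
    wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
}

// wp_ajax_{action} fires only for logged-in users, the group the advisory names.
add_action( 'wp_ajax_' . SG_STATS_AJAX_ACTION, 'sg_stats_guard', 0 );
```

Remove the file once the plugin has been updated past 1.11.8.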