Description
WordPress Plugin SendGrid is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently export statistics for a WordPress multi-site main site. WordPress Plugin SendGrid version 1.11.8 is vulnerable; prior versions are also affected.
Remediation
Disable and remove the plugin until a fix is available
References
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34629
https://wordpress.org/plugins/sendgrid-email-delivery-simplified/#description
Related Vulnerabilities
WordPress Plugin Manual Image Crop Cross-Site Scripting (1.10)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-4476)
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1)
WordPress Plugin WordPress Landing Pages Remote Code Execution (1.9.0)