Wordfence reports that the official SendGrid for WordPress plugin is vulnerable to authorization bypass if run in multisite. The plugin is no longer maintained and no longer downloadable from the plugin repo, but it is reported to have 100,000+ active installs. 🔓
Hat tip to Prashant Baldha who digs deeper into the vulnerability on his blog. 🎩
