Lucene search
K

4 matches found

CVE
CVE
added 2025/12/12 9:20 a.m.18 views

CVE-2025-13993

CVE-2025-13993 - MailerLite – Signup forms (official) plugin for WordPress is affected up to version 1.7.16. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) in the parameters form_description and success_message caused by insufficient input sanitization and output escaping. Exploi...

5.5CVSS4.7AI score0.00332EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.6 views

WordPress plugin MailerLite – Signup forms (official) 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

5.5CVSS5.8AI score0.00332EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.5 views

PT-2024-22175 · Mailerlite · Mailerlite – Signup Forms

Name of the Vulnerable Software and Affected Versions: MailerLite – Signup forms official plugin for WordPress versions up to, and including, 1.7.6 Description: The issue allows unauthorized plugin setting changes due to a missing capability check on the toggleRolesAndPermissions and...

5.3CVSS6.9AI score0.00504EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/08/05 3:8 p.m.4 views

CVE-2022-33201 WordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in MailerLite – Signup forms official plugin = 1.5.7 at WordPress allows an attacker to change the API key...

6.3CVSS8AI score0.00309EPSS
Exploits0References2
Rows per page
Query Builder