4 matches found
CVE-2025-13993
CVE-2025-13993 - MailerLite – Signup forms (official) plugin for WordPress is affected up to version 1.7.16. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) in the parameters form_description and success_message caused by insufficient input sanitization and output escaping. Exploi...
WordPress plugin MailerLite – Signup forms (official) 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-22175 · Mailerlite · Mailerlite – Signup Forms
Name of the Vulnerable Software and Affected Versions: MailerLite – Signup forms official plugin for WordPress versions up to, and including, 1.7.6 Description: The issue allows unauthorized plugin setting changes due to a missing capability check on the toggleRolesAndPermissions and...
CVE-2022-33201 WordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in MailerLite – Signup forms official plugin = 1.5.7 at WordPress allows an attacker to change the API key...