2 matches found
CVE-2022-33201
Cross-Site Request Forgery CSRF vulnerability in MailerLite – Signup forms official plugin = 1.5.7 at WordPress allows an attacker to change the API key...
CVE-2022-33201
CVE-2022-33201 affects the WordPress MailerLite – Signup forms (official) plugin, version 1.5.7 and earlier. The root cause is a missing CSRF check when updating the API key, enabling an attacker to change the API key via CSRF as described in multiple sources. The vulnerability is reported to imp...