2 matches found
CVE-2024-1386
CVE-2024-1386 impacts the MailerLite – Signup forms (official) WordPress plugin. It enables Stored Cross-Site Scripting via shortcode attributes in versions 1.5.0–1.7.6, allowing authenticated attackers with contributor-level and higher to inject scripts into pages. The provided documents confirm...
WordPress MailerLite – Signup forms Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS)
Software MailerLite – Signup forms Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1386 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cf12af72ac5b Credits Richard Tellen...