Lucene search
K

41 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-12918

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00319EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago10 views

EUVD-2026-42862

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References6
Patchstack
Patchstack
added 4 days ago4 views

WordPress Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 1.24.1 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Mail Mint versions = 1.24.1...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References1Affected Software1
NVD
NVD
added 4 days ago8 views

CVE-2026-14342

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00266EPSS
Exploits0References5
CVE
CVE
added 4 days ago11 views

CVE-2026-14342

The Mail Mint WordPress plugin (Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails) is affected up to version 1.24.2 by a time-based SQL Injection via the contact_ids parameter. The root cause is insufficient escaping of user input and lack of proper SQL query preparat...

4.9CVSS6AI score0.00266EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-14342

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6AI score0.00266EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/21 8:21 a.m.9 views

CVE-2026-27349 WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/21 8:20 a.m.10 views

WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Mail Mint versions = 1.19.5...

4.3CVSS5.8AI score0.00171EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/05 7:8 a.m.6 views

WordPress Mail Mint plugin < 1.19.5 - Unauthenticated Emails Disclosure vulnerability

Unauthenticated Emails Disclosure vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin Mail Mint versions 1.19.5...

7.5CVSS5.9AI score0.01379EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/03/04 6:16 a.m.9 views

CVE-2026-2025

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...

7.5CVSS0.01379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/04 6:0 a.m.2 views

CVE-2026-2025 Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...

6AI score0.01379EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/04 6:0 a.m.383 views

CVE-2026-2025 Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...

0.01379EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 6:0 a.m.7 views

CVE-2026-2025

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...

6AI score0.01379EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 6:0 a.m.42 views

CVE-2026-2025

Mail Mint WordPress plugin versions prior to 1.19.5 contain an information disclosure vulnerability due to missing authorization on a REST API endpoint, allowing unauthenticated users to retrieve email addresses of blog users. Affected versions:

7.5CVSS6AI score0.01379EPSS
In wildExploits0References1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.9 views

WordPress plugin Mail Mint 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.5CVSS5.8AI score0.01379EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.31 views

CVE-2026-23541 WordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mail Mint: from n/a through = 1.19.4...

7.5CVSS0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

WordPress plugin Mail Mint 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/18 8:56 a.m.7 views

WordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin Mail Mint versions = 1.19.4...

5.4AI score0.00293EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/15 1:28 p.m.6 views

CVE-2026-1258

The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the 'forms', 'automation', 'email/templates', and 'contacts/import/tutorlms/map' API endpoints in all versions up to, and including, 1.19.2 . This is due to insufficient escaping on the user supplied 'order-by',...

4.9CVSS5.9AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2026/02/14 9:16 a.m.10 views

CVE-2026-1258

The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the 'forms', 'automation', 'email/templates', and 'contacts/import/tutorlms/map' API endpoints in all versions up to, and including, 1.19.2 . This is due to insufficient escaping on the user supplied 'order-by',...

4.9CVSS0.00351EPSS
Exploits0References5
Rows per page
Query Builder