41 matches found
CVE-2026-12918
The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...
EUVD-2026-42862
The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...
WordPress Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 1.24.1 - Authenticated (Administrator+) SQL Injection vulnerability
Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Mail Mint versions = 1.24.1...
CVE-2026-14342
The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-14342
The Mail Mint WordPress plugin (Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails) is affected up to version 1.24.2 by a time-based SQL Injection via the contact_ids parameter. The root cause is insufficient escaping of user input and lack of proper SQL query preparat...
CVE-2026-14342
The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-27349 WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...
WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Mail Mint versions = 1.19.5...
WordPress Mail Mint plugin < 1.19.5 - Unauthenticated Emails Disclosure vulnerability
Unauthenticated Emails Disclosure vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin Mail Mint versions 1.19.5...
CVE-2026-2025
The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...
CVE-2026-2025 Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure
The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...
CVE-2026-2025 Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure
The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...
CVE-2026-2025
The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...
CVE-2026-2025
Mail Mint WordPress plugin versions prior to 1.19.5 contain an information disclosure vulnerability due to missing authorization on a REST API endpoint, allowing unauthenticated users to retrieve email addresses of blog users. Affected versions:
WordPress plugin Mail Mint 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2026-23541 WordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mail Mint: from n/a through = 1.19.4...
WordPress plugin Mail Mint 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin Mail Mint versions = 1.19.4...
CVE-2026-1258
The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the 'forms', 'automation', 'email/templates', and 'contacts/import/tutorlms/map' API endpoints in all versions up to, and including, 1.19.2 . This is due to insufficient escaping on the user supplied 'order-by',...
CVE-2026-1258
The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the 'forms', 'automation', 'email/templates', and 'contacts/import/tutorlms/map' API endpoints in all versions up to, and including, 1.19.2 . This is due to insufficient escaping on the user supplied 'order-by',...