Mailmunch Security Vulnerabilities

CVE-2021-24134

Unvalidated input and lack of output encoding in the Constant Contact Forms WordPress plugin, versions before 1.8.8, lead to multiple Stored Cross-Site Scripting vulnerabilities, which allowed high-privileged user (Editor+) to inject arbitrary JavaScript code or HTML in posts where the malicious fo...

CVE-2023-41852

Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailMunch – Grow your Email List plugin <= 3.1.2 versions.

CVE-2023-45647

Cross-Site Request Forgery (CSRF) vulnerability in MailMunch Constant Contact Forms by MailMunch plugin <= 2.0.10 versions.

CVE-2023-45748

Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch plugin <= 3.1.4 versions.

CVE-2024-22137

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch Constant Contact Forms by MailMunch allows Stored XSS.This issue affects Constant Contact Forms by MailMunch: from n/a through 2.0.11.

CVE-2024-29793

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2.

CVE-2024-31378

Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1.