Vulnerabilities (CVE)

Filtered by vendor Mailerlite Subscribe
Filtered by product Mailerlite Signup Forms
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-33201 1 Mailerlite 1 Mailerlite Signup Forms 2022-08-08 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key.
CVE-2022-1604 1 Mailerlite 1 Mailerlite Signup Forms 2022-06-17 4.3 MEDIUM 6.1 MEDIUM
The MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting