Vulnerabilities (CVE)

Filtered by vendor Mailerlite Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-33201 1 Mailerlite 1 Mailerlite Signup Forms 2024-11-21 N/A 6.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key.
CVE-2022-1604 1 Mailerlite 1 Mailerlite Signup Forms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting