cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-2797,https://securityvulnerability.io/vulnerability/CVE-2024-2797,Unauthorized Configuration Changes in MailerLite Signup Forms Plugin for WordPress,"The MailerLite Signup Forms plugin for WordPress is affected by a security flaw that allows unauthenticated users to make unauthorized changes to plugin settings. This vulnerability arises from inadequate capability checks in the functions responsible for managing user roles and permissions, specifically in versions 1.7.6 and earlier. This oversight can enable attackers to alter forms and permissions, potentially compromising user data and plugin integrity.",Wordpress,Mailerlite – Signup Forms (official),5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-02T16:52:27.425Z,0
CVE-2024-1386,https://securityvulnerability.io/vulnerability/CVE-2024-1386,Stored Cross-Site Scripting in MailerLite Signup Forms Plugin for WordPress,"The MailerLite Signup Forms plugin for WordPress is susceptible to Stored Cross-Site Scripting attacks due to inadequate sanitization of user input and lack of proper output encoding on shortcode attributes. This vulnerability allows authenticated users with contributor-level permissions or higher to insert malicious scripts into web pages. When a victim accesses a page with the injected script, it executes in their browser, potentially compromising user data and session integrity.",Wordpress,Mailerlite – Signup Forms (official),6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-02T16:52:17.385Z,0
CVE-2022-1604,https://securityvulnerability.io/vulnerability/CVE-2022-1604,MailerLite < 1.5.4 - Reflected Cross-Site Scripting,"The MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting",Wordpress,Mailerlite – Signup Forms (official),6.1,MEDIUM,0.0007600000244565308,false,,false,false,false,,false,false,2022-06-13T12:42:06.000Z,0