Vulnerabilities > Mailmunch
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-13 | CVE-2023-40203 | Missing Authorization vulnerability in Mailmunch Mailchimp Forms Missing Authorization vulnerability in MailMunch MailChimp Forms by MailMunch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailChimp Forms by MailMunch: from n/a through 3.1.4. | 8.8 |
| 2024-11-22 | CVE-2024-8735 | Cross-site Scripting vulnerability in Mailmunch The MailMunch – Grow your Email List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.8. | 6.1 |
| 2024-11-20 | CVE-2024-8726 | Cross-site Scripting vulnerability in Mailmunch Mailchimp Forms The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.2.3. | 6.1 |
| 2024-04-15 | CVE-2024-31378 | Unspecified vulnerability in Mailmunch Mailchimp Forms Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1. | 8.8 |
| 2024-04-07 | CVE-2024-31349 | Unspecified vulnerability in Mailmunch Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailMunch – Grow your Email List allows Stored XSS.This issue affects MailMunch – Grow your Email List: from n/a through 3.1.6. | 5.4 |
| 2024-03-27 | CVE-2024-29793 | Unspecified vulnerability in Mailmunch Mailchimp Forms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2. | 5.4 |
| 2024-01-13 | CVE-2024-22137 | Unspecified vulnerability in Mailmunch Constant Contact Forms 2.0.10 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch Constant Contact Forms by MailMunch allows Stored XSS.This issue affects Constant Contact Forms by MailMunch: from n/a through 2.0.11. | 5.4 |
| 2023-10-16 | CVE-2023-45748 | Unspecified vulnerability in Mailmunch Mailchimp Forms Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch plugin <= 3.1.4 versions. | 8.8 |
| 2023-10-16 | CVE-2023-45647 | Unspecified vulnerability in Mailmunch Constant Contact Forms 2.0.10 Cross-Site Request Forgery (CSRF) vulnerability in MailMunch Constant Contact Forms by MailMunch plugin <= 2.0.10 versions. | 8.8 |
| 2023-10-10 | CVE-2023-41852 | Cross-Site Request Forgery (CSRF) vulnerability in Mailmunch Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailMunch – Grow your Email List plugin <= 3.1.2 versions. | 8.8 |