WordPress Plugin Vulnerabilities

Official MailerLite Sign Up Forms < 1.4.4 - Unauthenticated SQL Injection

Description

Most methods in the MailerLite plugin do not sanitize user input data which causes SQL injection. Also no single method checks for a nonce token which causes a CSRF issue everywhere.

Proof of Concept

Affects Plugins

Plugin icon
official-mailerlite-sign-up-forms
Fixed in 1.4.4

References

URL
https://www.webarxsecurity.com/sql-injection-csrf-vulnerabilities-in-mailerlite-sign-up-forms-plugin/

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
10.0 (critical)

Miscellaneous

Original Researcher
Dave
Submitter
WebARX
Submitter website
https://www.webarxsecurity.com
Submitter twitter
webarx_security
Verified
No
WPVDB ID
a4b58b7b-ce26-452d-bd28-37171314bd03

Timeline

Publicly Published
2020-05-25 (about 5 years ago)
Added
2020-05-25 (about 5 years ago)
Last Updated
2020-05-26 (about 5 years ago)

Other

Published
Title
Published
2015-12-17
Title
Welcart e-Commerce < 1.5.3 - SQL Injection
Published
2016-12-12
Title
ZX_CSV Upload 1 – Authenticated SQL Injection
Published
2024-11-10
Title
Connexion Logs <= 3.0.2 - Admin+ SQL Injection
Published
2025-04-04
Title
Behance Portfolio Manager < 1.8.0 - Authenticated (Administrator+) SQL Injection
Published
2023-10-30
Title
Jquery accordion slideshow < 8.2 - Authenticated (Subscriber+) SQL Injection via Shortcode