Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MailMunch — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting MailMunch. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MailMunch is an email marketing and lead generation platform that helps businesses capture leads through customizable forms and pop-ups. Historically, the platform has been susceptible to multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws. These vulnerabilities have allowed attackers to execute arbitrary code, steal session cookies, and gain unauthorized access to user accounts. With 11 CVEs documented, MailMunch's security track record reveals consistent issues in input validation and access control. While no major public breaches have been widely reported, the cumulative number of vulnerabilities suggests potential risks for organizations relying on the platform for customer data collection and email campaigns.

Top products by MailMunch: MailChimp Forms by MailMunch MailMunch – Grow your Email List Constant Contact Forms by MailMunch
CVE IDTitleCVSSSeverityPublished
CVE-2023-40203 WordPress MailChimp Forms by MailMunch plugin <= 3.1.4 - Broken Access Control — MailChimp Forms by MailMunchCWE-862 4.3 Medium2024-12-13
CVE-2024-8735 MailMunch – Grow your Email List <= 3.1.8 - Reflected Cross-Site Scripting — MailMunch – Grow your Email ListCWE-79 6.1 Medium2024-11-22
CVE-2024-8726 MailChimp Forms by MailMunch <= 3.2.3 - Reflected Cross-Site Scripting — MailChimp Forms by MailMunchCWE-79 6.1 Medium2024-11-20
CVE-2024-9614 Constant Contact Forms by MailMunch <= 2.1.2 - Reflected Cross-Site Scripting — Constant Contact Forms by MailMunchCWE-79 6.1 Medium2024-11-13
CVE-2024-31378 WordPress MailChimp Forms by MailMunch plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability — MailChimp Forms by MailMunchCWE-352 5.4 Medium2024-04-15
CVE-2024-31349 WordPress MailMunch – Grow your Email List plugin <= 3.1.6 - Cross Site Scripting (XSS) vulnerability — MailMunch – Grow your Email ListCWE-79 6.5 Medium2024-04-07
CVE-2024-29793 WordPress MailChimp Forms by MailMunch plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability — MailChimp Forms by MailMunchCWE-79 6.5 Medium2024-03-27
CVE-2024-22137 WordPress Constant Contact Forms by MailMunch Plugin <= 2.0.11 is vulnerable to Cross Site Scripting (XSS) — Constant Contact Forms by MailMunchCWE-79 6.5 Medium2024-01-12
CVE-2023-45748 WordPress MailChimp Forms by MailMunch Plugin <= 3.1.4 is vulnerable to Cross Site Request Forgery (CSRF) — MailChimp Forms by MailMunchCWE-352 4.3 Medium2023-10-16
CVE-2023-45647 WordPress Constant Contact Forms by MailMunch Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF) — Constant Contact Forms by MailMunchCWE-352 5.4 Medium2023-10-16
CVE-2023-41852 WordPress MailMunch – Grow your Email List Plugin <= 3.1.2 is vulnerable to Cross Site Request Forgery (CSRF) — MailMunch – Grow your Email ListCWE-352 4.3 Medium2023-10-10

This page lists every published CVE security advisory associated with MailMunch. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.