MailerLite — Vulnerabilities & Security Advisories (9)

Browse all 9 CVE security advisories affecting MailerLite. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MailerLite provides email marketing and automation services for businesses. Historically, vulnerabilities have included stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from input validation failures and insecure direct object references. The platform has addressed multiple security issues, with nine CVEs recorded to date. While no major public security incidents have been widely reported, the consistent discovery of vulnerabilities highlights ongoing challenges in securing complex web applications with extensive user interaction and data handling capabilities.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-25420 | WordPress MailerLite plugin <= 1.7.18 - Broken Access Control vulnerability | MailerLite | CWE-862 | 4.3 | Medium | 2026-02-19 |
| CVE-2025-67945 | WordPress MailerLite – WooCommerce integration plugin <= 3.1.2 - SQL Injection vulnerability | MailerLite – WooCommerce integration | CWE-89 | 9.3 | Critical | 2026-01-22 |
| CVE-2026-1000 | MailerLite - WooCommerce integration <= 3.1.3 - Missing Authorization to Data Deletion | MailerLite – WooCommerce integration | CWE-862 | 6.5 | Medium | 2026-01-16 |
| CVE-2025-13993 | MailerLite – Signup forms (official) <= 1.7.16 - Authenticated (Administrator+) Stored Cross-Site Scripting | MailerLite – Signup forms (official) | CWE-79 | 5.5 | Medium | 2025-12-12 |
| CVE-2023-52227 | WordPress MailerLite – WooCommerce integration plugin <= 2.0.8 - Broken Access Control vulnerability | MailerLite – WooCommerce integration | CWE-862 | 4.3 | Medium | 2024-06-11 |
| CVE-2024-2797 | MailerLite – Signup forms (official) <= 1.7.6 - Missing Authorization | MailerLite – Signup forms (official) | CWE-862 | 5.3 | Medium | 2024-05-02 |
| CVE-2024-1386 | WordPress plugin MailerLite security vulnerability | MailerLite – Signup forms (official) | | 6.4 | Medium | 2024-05-02 |
| CVE-2023-52223 | WordPress MailerLite – WooCommerce integration Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF) | MailerLite – WooCommerce integration | CWE-352 | 5.4 | Medium | 2024-02-28 |
| CVE-2022-33201 | WordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability | MailerLite (WordPress plugin) | CWE-352 | 6.3 | Medium | 2022-08-05 |

This page lists every published CVE security advisory associated with MailerLite. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.