MailerLite – Signup forms (official)

Vulnerabilities 14Slug official-mailerlite-sign-up-formsLatest version 1.7.23WordPress.org →

Minimum safe version

1.7.19

Update to 1.7.19 or later to address 14 fixable vulnerabilities

Latest available1.7.23 ✓

Medium 4.3

2026-02-19< 1.7.19

CVE-2026-25420

CVE Wordfence

Medium 5.5

2025-12-12< 1.7.17

CVE-2025-13993

CVE Wordfence

Medium 6.4

2024-05-02< 1.7.7

CVE-2024-1386

CVE Patchstack Wordfence

Medium 5.3

2024-05-02< 1.7.7

CVE-2024-2797

CVE Patchstack Wordfence

N/A

2023-05-25< 1.4.4

WordPress MailerLite – Signup forms Plugin <= 1.4.3 is vulnerable to SQL Injection

Patchstack

N/A

2023-05-25< 1.4.5

WordPress MailerLite – Signup forms Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Patchstack

N/A

2020-05-22< 1.4.5

MailerLite – Signup forms <= 1.4.4 - Cross-Site Request Forgery

Wordfence

N/A

2020-05-22< 1.4.4

MailerLite Signup Forms < 1.4.4 - Unauthenticated SQL Injection

Wordfence

N/A

< 1.4.5

Official MailerLite Sign Up Forms < 1.4.5 - Multiple CSRF Issues

WPScan

N/A

< 1.4.4

Official MailerLite Sign Up Forms < 1.4.4 - Unauthenticated SQL Injection

WPScan

Medium 6.3

2022-08-05< 1.5.8

CVE-2022-33201

CVE Patchstack Wordfence WPScan

Medium 6.1

2022-06-13< 1.5.4

CVE-2022-1604

CVE Patchstack Wordfence WPScan

N/A

2020-05-25< 1.4.5

WordPress Official MailerLite Sign Up Forms plugin <= 1.4.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Patchstack

N/A

2020-05-25< 1.4.4

WordPress Official MailerLite Sign Up Forms plugin <= 1.4.3 - Unauthenticated SQL Injection (SQLi) vulnerability

Patchstack