MailerLite Vulnerability – Signup forms (official) – Multiple Vulnerabilities – CVE-2024-2797, CVE-2024-1386 | WordPress Plugin Vulnerability Report

Plugin Name: MailerLite – Signup forms (official)

Key Information:

  • Software Type: Plugin
  • Software Slug: official-mailerlite-sign-up-forms
  • Software Status: Active
  • Software Author: mailerlite
  • Software Downloads: 1,634,637
  • Active Installs: 80,000
  • Last Updated: May 10, 2024
  • Patched Versions: 1.7.7
  • Affected Versions: <= 1.7.6

Vulnerability Details:

  1. Name: MailerLite – Signup forms (official) <= 1.7.6
    • Title: Missing Authorization
    • Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
    • CVE: CVE-2024-2797
    • CVSS Score: 5.3
    • Publicly Published: April 29, 2024
    • Researcher: Krzysztof Zając - CERT PL
    • Description: The plugin is vulnerable to unauthorized plugin setting changes due to a missing capability check on the toggleRolesAndPermissions and editAllowedRolesAndPermissions functions. This allows unauthenticated attackers to modify form settings, potentially enabling lower-level users to make unauthorized changes.
  2. Name: MailerLite – Signup forms (official) 1.5.0 - 1.7.6
    • Title: Authenticated (Contributor+) Stored Cross-Site Scripting
    • Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
    • CVE: CVE-2024-1386
    • CVSS Score: 6.4
    • Publicly Published: April 29, 2024
    • Researcher: Richard Telleng (stueotue)
    • Description: Vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) due to insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts that execute whenever a user accesses an injected page.

Summary:

The MailerLite – Signup forms (official) plugin for WordPress has significant vulnerabilities in versions up to and including 1.7.6. These include unauthorized setting changes and stored XSS attacks, both of which have been patched in version 1.7.7.

Detailed Overview:

These vulnerabilities present serious security risks. The first allows unauthenticated users to potentially escalate their privileges within WordPress, while the second exposes users to malicious scripts that could compromise their personal information. Both vulnerabilities were swiftly addressed by the plugin developers with the release of version 1.7.7, which corrects these issues by implementing stricter capability checks and enhancing input sanitization processes.

Advice for Users:

  • Immediate Action: Update to version 1.7.7 immediately to mitigate these vulnerabilities.
  • Check for Signs of Vulnerability: Regularly review your plugin settings and user roles for unauthorized changes and inspect your site's pages for unexpected scripts or content.
  • Alternate Plugins: While updates are available, maintaining an understanding of alternative plugins can provide backup options should vulnerabilities reoccur.
  • Stay Updated: Always keep your plugins and WordPress core up to date to protect against known exploits and vulnerabilities.

Conclusion:

The prompt response from the developers of MailerLite – Signup forms (official) to patch these vulnerabilities underscores the importance of maintaining current updates on all WordPress plugins. Users are encouraged to update to version 1.7.7 or later to secure their installations and ensure the continued safety of their sites and user data.

References:

Detailed Report: 

Why Timely Plugin Updates Are a Cornerstone of Website Security

In the vast ecosystem of WordPress, plugins extend functionality and enhance user experience, making them indispensable tools for website owners. However, this reliance on third-party software introduces a spectrum of security risks, underscored by the recent discovery of critical vulnerabilities in the MailerLite – Signup forms (official) plugin. These vulnerabilities, identified as CVE-2024-2797 and CVE-2024-1386, have exposed serious security lapses that could compromise the integrity of countless websites and the safety of user data.

Plugin Details and Vulnerability Insights:

The MailerLite – Signup forms (official) plugin, which has been downloaded over 1.6 million times and is actively used by approximately 80,000 websites, is designed to streamline user sign-up processes on WordPress sites. Despite its widespread usage, the plugin was recently found vulnerable in versions up to and including 1.7.6. Two major issues were identified:

  1. Missing Authorization (CVE-2024-2797): This vulnerability allowed unauthenticated users to change plugin settings without proper permissions, potentially leading to unauthorized configuration changes.
  2. Stored Cross-Site Scripting (CVE-2024-1386): This flaw permitted authenticated users at the contributor level and above to inject malicious scripts, which could be executed by any user accessing the affected pages.

Risks and Potential Impacts:

These vulnerabilities present significant risks, including unauthorized access and manipulation of website settings and data breaches through script injections. Such actions can compromise user information, degrade trust, and even lead to further exploitations of both users and system resources.

Steps for Remediation:

The developers of the MailerLite plugin acted swiftly to mitigate these issues by releasing version 1.7.7, which includes fixes for both vulnerabilities. Website owners are urged to:

  • Update immediately to the patched version to close off any exploitation opportunities.
  • Review user roles and permissions to ensure no unauthorized changes were made.
  • Scan the website for unusual activities that might indicate past exploitations.
  • Consider alternative plugins if consistent vulnerabilities are a concern.

Overview of Previous Vulnerabilities:

Prior to these events, the plugin had recorded four other vulnerabilities since May 2020, signaling a pattern that necessitates vigilant updates and proactive security measures.

Conclusion:

The rapid resolution of these vulnerabilities by the MailerLite development team underscores the ongoing challenge of digital security in today's software-reliant business environments. For small business owners, particularly those managing their own WordPress sites, the importance of regular updates cannot be overstated. Keeping software up-to-date is a critical defense mechanism against potential threats, ensuring that your digital presence remains secure and trustworthy. Staying on top of updates, monitoring security news, and understanding the tools your website uses are crucial steps in maintaining a safe online environment for both you and your users.

Staying Secure

Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.

Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.

Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.

MailerLite Vulnerability – Signup forms (official) – Multiple Vulnerabilities – CVE-2024-2797, CVE-2024-1386 | WordPress Plugin Vulnerability Report

Leave a Comment