Description
WordPress Plugin MailUp newsletter sign-up form is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin settings via 'formData=save' requests. WordPress Plugin MailUp newsletter sign-up form version 1.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.3 or latest
References
Related Vulnerabilities
Moodle Other Vulnerability (CVE-2006-4942)
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529)
WordPress Plugin Token Manager 'tid' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.0.2)
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
LimeSurvey Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16187)