Getwpfunnels Mail Mint – Email Marketing, Newsletter, Email Automation & Woocommerce Emails
4 CVEs affecting Getwpfunnels Mail Mint – Email Marketing, Newsletter, Email Automation & Woocommerce Emails. Latest disclosed: 2026-07-09. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-11967 | High | 7.2 | 2025-11-08 | The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_contact_attribute_import function… |
CVE-2026-1447 | Medium | 5.4 | 2026-02-03 | The Mail Mint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19.2. This is due to missing nonce valid… |
CVE-2026-14342 | Medium | 4.9 | 2026-07-09 | The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'cont… |
CVE-2026-1258 | Medium | 4.9 | 2026-02-14 | The Mail Mint plugin for WordPress is vulnerable to blind SQL Injection via the 'forms', 'automation', 'email/templates', and 'contacts/import/tutorlms/map' AP… |