Description
WordPress Plugin MailUp newsletter sign-up form is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin settings via 'formData=save' requests. WordPress Plugin MailUp newsletter sign-up form version 1.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.3 or latest
References
Related Vulnerabilities
Python Incorrect Conversion between Numeric Types Vulnerability (CVE-2008-1721)
WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Cross-Site Scripting (16.24.47)
OpenSSL Key Management Errors Vulnerability (CVE-2016-7056)
WordPress Plugin Contextual Related Posts Multiple Vulnerabilities (3.3.1)