Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Email Marketing, Email Automation, Newsletter & Cart Abandonment for WordPress and WooCommerce – Mail Mint 1.18.5

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 3, 2025

The Mail Mint plugin for WordPress has a security issue that allows attackers to access sensitive information from the database. This vulnerability affects versions 1.18.5 and below. The problem is caused by certain parts of the code not being properly protected and the existing SQL query not being prepared enough. Attackers with administrator-level access can add their own queries to the existing ones, giving them access to private data.

Detected in:

Email Marketing, Email Automation, Newsletter & Cart Abandonment for WordPress and WooCommerce – Mail Mint fixed vulnerable versions: >= * <= 1.18.5
Mail Mint – Newsletters, Email Marketing, Automation, WooCommerce Emails, Post Notification, and more fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.