CVE-2026-1000 – The MailerLite - WooCommerce integration plugin... (How to Fix)

Q: What is the severity of CVE-2026-1000?

CVE-2026-1000 has a CVSS score of 6.5 (MEDIUM). The MailerLite - WooCommerce integration plugin for WordPress has a missing capability check vulnerability that allows authenticated attackers with Subscriber-level access or higher to reset plugin integration settings, delete all plugin options, and drop database tables. This results in complete loss of plugin data including customer abandoned cart information and sync job history. All WordPress sites using this plugin up to version 3.1.3 are affected.

📋 TL;DR

The MailerLite - WooCommerce integration plugin for WordPress has a missing capability check vulnerability that allows authenticated attackers with Subscriber-level access or higher to reset plugin integration settings, delete all plugin options, and drop database tables. This results in complete loss of plugin data including customer abandoned cart information and sync job history. All WordPress sites using this plugin up to version 3.1.3 are affected.

💻 Affected Systems

Products:

MailerLite - WooCommerce integration plugin for WordPress

Versions: All versions up to and including 3.1.3

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with the vulnerable plugin enabled. Any authenticated user with Subscriber role or higher can exploit.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete loss of plugin data including abandoned cart information and sync history, disruption of email marketing operations, and potential business impact from lost customer data.

🟠

Likely Case

Malicious user or compromised account resets plugin settings and deletes database tables, causing loss of abandoned cart tracking and requiring plugin reconfiguration.

🟢

If Mitigated

Minimal impact if proper access controls and monitoring are in place to detect unauthorized plugin modifications.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access but only Subscriber-level permissions. The vulnerability is simple to exploit once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.1.4 or later

Vendor Advisory: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3415073%40woo-mailerlite%2Ftrunk&old=3399626%40woo-mailerlite%2Ftrunk&sfp_email=&sfph_mail=

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'MailerLite - WooCommerce integration' plugin. 4. Click 'Update Now' if available, or manually update to version 3.1.4+. 5. Verify plugin functionality after update.

🔧 Temporary Workarounds

Restrict User Roles

all

Temporarily restrict Subscriber and other low-privilege user roles from accessing the site until patched.

Disable Plugin

linux

Temporarily disable the MailerLite - WooCommerce integration plugin until patched.

wp plugin deactivate woo-mailerlite

🧯 If You Can't Patch

Remove Subscriber and other low-privilege user accounts until patched
Implement web application firewall rules to block access to vulnerable plugin endpoints

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Installed Plugins for 'MailerLite - WooCommerce integration' version 3.1.3 or earlier

Check Version:

wp plugin get woo-mailerlite --field=version

Verify Fix Applied:

Verify plugin version is 3.1.4 or later in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

WordPress logs showing Subscriber or low-privilege users accessing admin functions
Database logs showing DROP TABLE operations on woo_mailerlite_* tables
Plugin reset or deactivation events from non-admin users

Network Indicators:

POST requests to /wp-admin/admin-ajax.php with action=resetIntegration from non-admin users

SIEM Query:

source="wordpress.log" AND ("resetIntegration" OR "woo_mailerlite" AND ("DROP" OR "DELETE")) AND user_role!="administrator"

📊 Metadata

CVE ID: CVE-2026-1000

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE: CWE-862

EPSS Score: 0.03% exploit probability (8.7th percentile)

Published: January 16, 2026

Last Updated: January 16, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-1000, you might also want to check these: