Lucene search
China National Vulnerability DatabaseCNVD-2022-19820HistoryJan 26, 2022 - 12:00 a.m.
WordPress Easy Forms for Mailchimp plugin cross-site scripting vulnerability
2022-01-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
30.0%
WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of the Easy Forms for Mailchimp plugin for WordPress prior to 6.8.6, which stems from the field name and field type parameters not being cleaned up and escaped before being output back to the property. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress easy forms for mailchimp plugin | lt | 6.8.6 |
Related
wpexploit
wpexploit
Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting
2021-12-21 00:00:00
wpvulndb
wpvulndb
Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting
2021-12-21 00:00:00
cve
cve
CVE-2021-24985
2022-01-24 08:15:09
osv
osv
CVE-2021-24985
2022-01-24 08:15:09
patchstack
patchstack
prion
prion
Cross site scripting
2022-01-24 08:15:00
openvas
openvas
WordPress Easy Forms for Mailchimp Plugin < 6.8.6 XSS Vulnerability
2022-01-26 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2021-24985
2022-01-24 08:15:09