Lucene search
WPScanCVELIST:CVE-2023-2518HistoryMay 30, 2023 - 7:49 a.m.
CVE-2023-2518 Easy Forms for Mailchimp < 6.8.9 - Reflected XSS
2023-05-3007:49:12
WPScan
www.cve.org
1
mailchimp
wordpress
xss
vulnerability
debug option
admin
0.001 Low
EPSS
Percentile
25.0%
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Easy Forms for Mailchimp",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "6.8.9"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
wpexploit
wpexploit
Easy Forms for Mailchimp < 6.8.9 - Reflected XSS
2023-05-22 00:00:00
nvd
nvd
CVE-2023-2518
2023-05-30 08:15:10
prion
prion
Cross site scripting
2023-05-30 08:15:00
cve
cve
CVE-2023-2518
2023-05-30 08:15:10
osv
osv
CVE-2023-2518
2023-05-30 08:15:10
wpvulndb
wpvulndb
Easy Forms for Mailchimp < 6.8.9 - Reflected XSS
2023-05-22 00:00:00
openvas
openvas
WordPress Easy Forms for Mailchimp Plugin < 6.8.9 Multiple Vulnerability
2023-06-16 00:00:00