CVE-2014-7152

2014-09-2621:55:07

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.0%

JSON

Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options action to wp-admin/admin-ajax.php.

Affected configurations

Nvd

Node

mailchimpeasy_mailchimp_forms_pluginMatch3.0wordpress

mailchimpeasy_mailchimp_forms_pluginMatch4.0wordpress

mailchimpeasy_mailchimp_forms_pluginMatch4.1wordpress

mailchimpeasy_mailchimp_forms_pluginMatch4.2wordpress

mailchimpeasy_mailchimp_forms_pluginMatch4.2.1wordpress

mailchimpeasy_mailchimp_forms_pluginMatch4.3wordpress

mailchimpeasy_mailchimp_forms_pluginMatch4.4wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0.1wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0.2wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0.3wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0.4wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0.5wordpress

mailchimpeasy_mailchimp_forms_pluginMatch5.0.6wordpress

VendorProductVersionCPE
mailchimpeasy_mailchimp_forms_plugin3.0cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:3.0:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin4.0cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.0:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin4.1cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.1:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin4.2cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.2:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin4.2.1cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.2.1:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin4.3cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.3:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin4.4cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.4:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin5.0cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:5.0:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin5.0.1cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:5.0.1:*:*:*:*:wordpress:*:*
mailchimpeasy_mailchimp_forms_plugin5.0.2cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:5.0.2:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
mailchimp	easy_mailchimp_forms_plugin	3.0	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:3.0:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	4.0	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.0:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	4.1	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.1:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	4.2	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.2:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	4.2.1	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.2.1:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	4.3	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.3:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	4.4	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:4.4:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	5.0	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:5.0:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	5.0.1	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:5.0.1:::::wordpress::
mailchimp	easy_mailchimp_forms_plugin	5.0.2	cpe:2.3:a:mailchimp:easy_mailchimp_forms_plugin:5.0.2:::::wordpress::