Cross site scripting

2014-09-2621:55:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.1%

JSON

Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options action to wp-admin/admin-ajax.php.

CPENameOperatorVersion
easy_mailchimp_forms_plugineq5.0.4
easy_mailchimp_forms_plugineq4.1
easy_mailchimp_forms_plugineq5.0.6
easy_mailchimp_forms_plugineq4.4
easy_mailchimp_forms_plugineq4.2.1
easy_mailchimp_forms_plugineq4.2
easy_mailchimp_forms_plugineq5.0.2
easy_mailchimp_forms_plugineq5.0.3
easy_mailchimp_forms_plugineq5.0
easy_mailchimp_forms_plugineq5.0.1

Name	Operator	Version
easy_mailchimp_forms_plugin	eq	5.0.4
easy_mailchimp_forms_plugin	eq	4.1
easy_mailchimp_forms_plugin	eq	5.0.6
easy_mailchimp_forms_plugin	eq	4.4
easy_mailchimp_forms_plugin	eq	4.2.1
easy_mailchimp_forms_plugin	eq	4.2
easy_mailchimp_forms_plugin	eq	5.0.2
easy_mailchimp_forms_plugin	eq	5.0.3
easy_mailchimp_forms_plugin	eq	5.0
easy_mailchimp_forms_plugin	eq	5.0.1