The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
CPE | Name | Operator | Version |
---|---|---|---|
easy_forms_for_mailchimp | lt | 6.8.6 |