Lucene search
K

651 matches found

NVD
NVD
added 2026/02/19 7:17 a.m.8 views

CVE-2025-12172

The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on the mailchimpsfchangelistifnecessary function. This makes it possible for unauthenticated attacke...

4.3CVSS0.00135EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 3:25 a.m.16 views

CVE-2025-12172

CVE-2025-12172 affects the WordPress plugin Mailchimp List Subscribe Form (

4.3CVSS5.4AI score0.00135EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 3:25 a.m.42 views

CVE-2025-12172 Mailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List Change

The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on the mailchimpsfchangelistifnecessary function. This makes it possible for unauthenticated attacke...

4.3CVSS0.00135EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 3:25 a.m.3 views

CVE-2025-12172 Mailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List Change

The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on the mailchimpsfchangelistifnecessary function. This makes it possible for unauthenticated attacke...

4.3CVSS5.4AI score0.00135EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20580

Name of the Vulnerable Software and Affected Versions Mailchimp List Subscribe Form versions prior to 2.0.1 Description The Mailchimp List Subscribe Form plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by inadequate nonce validation within the mailchimp sf change...

4.3CVSS5.2AI score0.00135EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

WordPress plugin Mailchimp List Subscribe Form 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.7AI score0.00135EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/02/18 10:1 p.m.8 views

WordPress Mailchimp List Subscribe Form plugin <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List Change vulnerability

Cross-Site Request Forgery to Mailchimp List Change vulnerability discovered by SHIVAM KUMAR in WordPress Plugin Mailchimp List Subscribe Form versions = 2.0.0...

4.3CVSS5.5AI score0.00135EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/15 7:10 a.m.9 views

CVE-2026-1303

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimpcampaignsmanagerdisconnectapp function that is hooked to the AJAX action of the same name. This makes it possib...

5.3CVSS5.3AI score0.00287EPSS
Exploits0References1
NVD
NVD
added 2026/02/14 7:16 a.m.21 views

CVE-2026-1303

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimpcampaignsmanagerdisconnectapp function that is hooked to the AJAX action of the same name. This makes it possib...

5.3CVSS0.00287EPSS
Exploits0References3
CVE
CVE
added 2026/02/14 6:42 a.m.26 views

CVE-2026-1303

CVE-2026-1303 concerns the MailChimp Campaigns plugin for WordPress (olalaweb-mailchimp-campaign-manager) versions

5.3CVSS5.3AI score0.00287EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/14 6:42 a.m.4 views

CVE-2026-1303 MailChimp Campaigns <= 3.2.4 - Missing Authorization to Authenticated (Subscriber+) MailChimp App Disconnection

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimpcampaignsmanagerdisconnectapp function that is hooked to the AJAX action of the same name. This makes it possib...

5.3CVSS5.3AI score0.00287EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/14 6:42 a.m.31 views

CVE-2026-1303 MailChimp Campaigns <= 3.2.4 - Missing Authorization to Authenticated (Subscriber+) MailChimp App Disconnection

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimpcampaignsmanagerdisconnectapp function that is hooked to the AJAX action of the same name. This makes it possib...

5.3CVSS0.00287EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/14 6:42 a.m.3 views

CVE-2026-1303

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimpcampaignsmanagerdisconnectapp function that is hooked to the AJAX action of the same name. This makes it possib...

5.3CVSS5.3AI score0.00287EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/14 12:0 a.m.10 views

PT-2026-8072

The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the mailchimp campaigns manager disconnect app function that is hooked to the AJAX action of the same name. This makes it...

5.3CVSS5.3AI score0.00287EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.8 views

WordPress plugin MailChimp Campaigns 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00287EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/02/13 11:9 p.m.6 views

WordPress MailChimp Campaigns plugin <= 3.2.4 - Missing Authorization to Authenticated (Subscriber+) MailChimp App Disconnection vulnerability

Missing Authorization to Authenticated Subscriber+ MailChimp App Disconnection vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin MailChimp Campaigns versions = 3.2.4...

5.3CVSS5.5AI score0.00287EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 11:11 a.m.8 views

CVE-2016-10871

The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page...

6.1CVSS6.2AI score0.00923EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:33 a.m.5 views

CVE-2017-18577

The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of addqueryarg...

6.1CVSS6.1AI score0.00905EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/31 11:5 a.m.3 views

CVE-2025-68989

Insertion of Sensitive Information Into Sent Data vulnerability in Renzo Johnson contact-form-7-mailchimp-extension contact-form-7-mailchimp-extension allows Retrieve Embedded Sensitive Data.This issue affects contact-form-7-mailchimp-extension: from n/a through = 0.9.68...

4.3CVSS5.8AI score0.00215EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Popup - MailChimp, GetResponse and ActiveCampaign Intergrations plugin <= 3.2.6 - Unauthenticated SQL Injection vulnerability

WordPress Popup - MailChimp, GetResponse and ActiveCampaign Intergrations plugin = 3.2.6 - Unauthenticated SQL Injection vulnerability discovered by Lucio Sá in WordPress Plugin Popup – MailChimp, GetResponse and ActiveCampaign Intergrations versions = 3.2.6...

7.5CVSS5.7AI score0.0096EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder