56 matches found
CVE-2024-8726 MailChimp Forms by MailMunch <= 3.2.3 - Reflected Cross-Site Scripting
The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress plugin MailChimp Forms by MailMunch 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress MailChimp Forms by MailMunch plugin <= 3.2.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin MailChimp Forms by MailMunch versions = 3.2.3...
WordPress MailChimp Forms by MailMunch Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS)
Software MailChimp Forms by MailMunch Type Plugin Vulnerable versions = 3.2.3 Fixed in 3.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8726 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d5af616af430 Credits vgo0...
CVE-2024-8870
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated...
CVE-2024-8870 Forms for Mailchimp by Optin Cat – Grow Your MailChimp List <= 2.5.7 - Reflected Cross-Site Scripting
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated...
PT-2024-39288 · WordPress · Forms For Mailchimp By Optin Cat
Name of the Vulnerable Software and Affected Versions: The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress versions up to, and including, 2.5.6 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate...
CVE-2024-7489
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-7489 Forms for Mailchimp by Optin Cat <= 2.5.7 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-25095
Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through 6.9.0...
CVE-2024-31378
Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...
CVE-2024-31378
Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...
CVE-2024-31378 WordPress MailChimp Forms by MailMunch plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...
CVE-2024-31378
CVE-2024-31378 is a Cross-Site Request Forgery (CSRF) vulnerability reported in MailMunch MailChimp Forms by MailMunch. Public details in connected docs indicate the affected product is MailChimp Forms by MailMunch and the issue covers versions up to 3.2.1. No exploit, root-cause, impact, or patc...
PT-2024-24024 · Mailmunch · Mailchimp Forms By Mailmunch
Name of the Vulnerable Software and Affected Versions: MailChimp Forms by MailMunch versions 3.2.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
WordPress Plugin MailChimp Forms by MailMunch 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin MailChimp Forms by MailMun...
WordPress MailChimp Forms by MailMunch plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin MailChimp Forms by MailMunch versions = 3.2.1...
CVE-2024-29793
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...
CVE-2024-29793
CVE-2024-29793 is a Stored XSS in the MailChimp Forms by MailMunch plugin for WordPress (MailChimp Forms by MailMunch), affecting versions up to 3.2.2. The vulnerability is described as Stored XSS via Shortcode. Wordfence and related feeds note that the issue has been patched; specific fixed vers...
PT-2024-23037 · Mailmunch · Mailchimp Forms By Mailmunch
Name of the Vulnerable Software and Affected Versions: MailChimp Forms by MailMunch versions 3.2.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...