Lucene search
K

56 matches found

Cvelist
Cvelist
added 2024/11/20 6:42 a.m.17 views

CVE-2024-8726 MailChimp Forms by MailMunch <= 3.2.3 - Reflected Cross-Site Scripting

The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/20 12:0 a.m.4 views

WordPress plugin MailChimp Forms by MailMunch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS7.6AI score0.00309EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/19 8:5 p.m.5 views

WordPress MailChimp Forms by MailMunch plugin <= 3.2.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin MailChimp Forms by MailMunch versions = 3.2.3...

6.1CVSS6.3AI score0.00309EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.12 views

WordPress MailChimp Forms by MailMunch Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Software MailChimp Forms by MailMunch Type Plugin Vulnerable versions = 3.2.3 Fixed in 3.2.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8726 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d5af616af430 Credits vgo0...

6.1CVSS5.9AI score0.00309EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/10/26 4:15 a.m.28 views

CVE-2024-8870

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated...

6.1CVSS0.00494EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/26 3:13 a.m.12 views

CVE-2024-8870 Forms for Mailchimp by Optin Cat – Grow Your MailChimp List <= 2.5.7 - Reflected Cross-Site Scripting

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated...

6.1CVSS6.1AI score0.00494EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/26 12:0 a.m.6 views

PT-2024-39288 · WordPress · Forms For Mailchimp By Optin Cat

Name of the Vulnerable Software and Affected Versions: The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress versions up to, and including, 2.5.6 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate...

6.1CVSS6.5AI score0.00494EPSS
Exploits0References5
NVD
NVD
added 2024/10/12 6:15 a.m.13 views

CVE-2024-7489

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS0.00325EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/10/12 5:39 a.m.10 views

CVE-2024-7489 Forms for Mailchimp by Optin Cat <= 2.5.7 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS6.1AI score0.00325EPSS
Exploits0References4
OSV
OSV
added 2024/06/04 7:18 p.m.5 views

CVE-2024-25095

Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through 6.9.0...

7.5CVSS5.8AI score0.00421EPSS
Exploits0References1
OSV
OSV
added 2024/04/15 11:15 a.m.6 views

CVE-2024-31378

Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...

8.8CVSS5.8AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 11:15 a.m.19 views

CVE-2024-31378

Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...

8.8CVSS5.5AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 10:21 a.m.21 views

CVE-2024-31378 WordPress MailChimp Forms by MailMunch plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...

5.4CVSS5.7AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 10:21 a.m.62 views

CVE-2024-31378

CVE-2024-31378 is a Cross-Site Request Forgery (CSRF) vulnerability reported in MailMunch MailChimp Forms by MailMunch. Public details in connected docs indicate the affected product is MailChimp Forms by MailMunch and the issue covers versions up to 3.2.1. No exploit, root-cause, impact, or patc...

8.8CVSS5.1AI score0.00221EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.8 views

PT-2024-24024 · Mailmunch · Mailchimp Forms By Mailmunch

Name of the Vulnerable Software and Affected Versions: MailChimp Forms by MailMunch versions 3.2.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS6.6AI score0.00221EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.12 views

WordPress Plugin MailChimp Forms by MailMunch 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin MailChimp Forms by MailMun...

8.8CVSS6.5AI score0.00221EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/10 6:21 a.m.6 views

WordPress MailChimp Forms by MailMunch plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin MailChimp Forms by MailMunch versions = 3.2.1...

8.8CVSS7AI score0.00221EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/03/27 1:15 p.m.7 views

CVE-2024-29793

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...

5.4CVSS5.8AI score0.00357EPSS
Exploits0References1
CVE
CVE
added 2024/03/27 12:42 p.m.63 views

CVE-2024-29793

CVE-2024-29793 is a Stored XSS in the MailChimp Forms by MailMunch plugin for WordPress (MailChimp Forms by MailMunch), affecting versions up to 3.2.2. The vulnerability is described as Stored XSS via Shortcode. Wordfence and related feeds note that the issue has been patched; specific fixed vers...

6.5CVSS8.6AI score0.00357EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.7 views

PT-2024-23037 · Mailmunch · Mailchimp Forms By Mailmunch

Name of the Vulnerable Software and Affected Versions: MailChimp Forms by MailMunch versions 3.2.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

6.5CVSS9.1AI score0.00357EPSS
Exploits0References6
Rows per page
Query Builder