48 matches found
CVE-2025-10735
The CVE-2025-10735 entry concerns the WordPress plugin Block for Mailchimp – Easy Mailchimp Form Integration, affected up to version 1.1.12. Multiple sources (Wordfence, CNVD, RH, NVD, Patchstack) describe a blind Server-Side Request Forgery (SSRF) vulnerability exploitable via the mcbSubmit_Form...
CVE-2024-7489
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2023-47545
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...
CVE-2023-1324
The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2022-2267
The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJAX action that allows any logged in users such as subscriber to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it can be used to scan priva...
WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Nmedia MailChimp versions = 5.4...
WordPress plugin Import Users to MailChimp 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2024-8870
The CVE-2024-8870 entry concerns the WordPress plugin Forms for Mailchimp by Optin Cat – Grow Your MailChimp List, with a Reflected Cross-Site Scripting (XSS) flaw caused by improper escaping of add_query_arg. Affected versions are all up to and including 2.5.6. Unauthenticated attackers could in...
WordPress plugin SSV MailChimp 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin SSV MailChimp versions = 3.1.5...
PT-2024-39275 · WordPress · Mc4Wp: Mailchimp For Wordpress
Name of the Vulnerable Software and Affected Versions: MC4WP: Mailchimp for WordPress plugin for WordPress versions 4.9.9 through 4.9.16 Description: The issue is related to Reflected Cross-Site Scripting via the email parameter when a placeholder such as email is used for the field. This is due ...
WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Cross Site Request Forgery (CSRF)
Software Contact Form 7 Extension For Mailchimp Type Plugin Vulnerable versions = 0.5.70 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-33677 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0c99f758367e Credi...
CVE-2024-29793 WordPress MailChimp Forms by MailMunch plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...
WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Server Side Request Forgery (SSRF)
Software Contact Form 7 Extension For Mailchimp Type Plugin Vulnerable versions = 0.5.70 Fixed in N/A OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-22134 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID...
Forms for Mailchimp by Optin Cat < 2.5.5 - Authenticated (Editor+) Stored Cross-Site Scripting
Description The Forms for Mailchimp by Optin Cat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the paramsstr function in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2023-47545
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...
WordPress plugin Easy Forms for Mailchimp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Easy Forms for Mailchimp Plugin <= 6.8.8 is vulnerable to Cross Site Scripting (XSS)
Software Easy Forms for Mailchimp Type Plugin Vulnerable versions = 6.8.8 Fixed in 6.8.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23900 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID d4b18f8ce4ea Credits Rafie...
CVE-2023-1324 Easy Forms for MailChimp < 6.8.8 - Reflected XSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Plugin Easy Forms for Mailchimp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...