Lucene search
K

48 matches found

CVE
CVE
added 2025/10/01 3:25 a.m.15 views

CVE-2025-10735

The CVE-2025-10735 entry concerns the WordPress plugin Block for Mailchimp – Easy Mailchimp Form Integration, affected up to version 1.1.12. Multiple sources (Wordfence, CNVD, RH, NVD, Patchstack) describe a blind Server-Side Request Forgery (SSRF) vulnerability exploitable via the mcbSubmit_Form...

4CVSS5.6AI score0.00285EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:43 a.m.4 views

CVE-2024-7489

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS6.1AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.6 views

CVE-2023-47545

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...

5.9CVSS5.6AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:53 a.m.8 views

CVE-2023-1324

The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00559EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.8 views

CVE-2022-2267

The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJAX action that allows any logged in users such as subscriber to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it can be used to scan priva...

4.3CVSS6.7AI score0.00585EPSS
Exploits2References1
Patchstack
Patchstack
added 2025/03/27 9:32 p.m.5 views

WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Nmedia MailChimp versions = 5.4...

6.5CVSS6.2AI score0.00268EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.4 views

WordPress plugin Import Users to MailChimp 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS8.1AI score0.0017EPSS
Exploits0References1
CVE
CVE
added 2024/10/26 3:13 a.m.58 views

CVE-2024-8870

The CVE-2024-8870 entry concerns the WordPress plugin Forms for Mailchimp by Optin Cat – Grow Your MailChimp List, with a Reflected Cross-Site Scripting (XSS) flaw caused by improper escaping of add_query_arg. Affected versions are all up to and including 2.5.6. Unauthenticated attackers could in...

6.1CVSS6.1AI score0.00494EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.4 views

WordPress plugin SSV MailChimp 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS6.7AI score0.0051EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/15 11:26 a.m.7 views

WordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin SSV MailChimp versions = 3.1.5...

7.5CVSS7AI score0.0051EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.7 views

PT-2024-39275 · WordPress · Mc4Wp: Mailchimp For Wordpress

Name of the Vulnerable Software and Affected Versions: MC4WP: Mailchimp for WordPress plugin for WordPress versions 4.9.9 through 4.9.16 Description: The issue is related to Reflected Cross-Site Scripting via the email parameter when a placeholder such as email is used for the field. This is due ...

6.1CVSS6.5AI score0.00453EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/04/26 12:0 a.m.9 views

WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form 7 Extension For Mailchimp Type Plugin Vulnerable versions = 0.5.70 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-33677 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0c99f758367e Credi...

4.3CVSS6.6AI score0.00201EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/27 12:42 p.m.13 views

CVE-2024-29793 WordPress MailChimp Forms by MailMunch plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...

6.5CVSS6.5AI score0.00357EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/01/08 12:0 a.m.12 views

WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Server Side Request Forgery (SSRF)

Software Contact Form 7 Extension For Mailchimp Type Plugin Vulnerable versions = 0.5.70 Fixed in N/A OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-22134 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID...

6.5CVSS6.6AI score0.00277EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.8 views

Forms for Mailchimp by Optin Cat < 2.5.5 - Authenticated (Editor+) Stored Cross-Site Scripting

Description The Forms for Mailchimp by Optin Cat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the paramsstr function in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

5.9CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/11/14 9:15 p.m.5 views

CVE-2023-47545

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...

5.4CVSS7.3AI score0.00382EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.4 views

WordPress plugin Easy Forms for Mailchimp 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS5.9AI score0.01092EPSS
Exploits2References2
Patchstack
Patchstack
added 2023/05/17 12:0 a.m.12 views

WordPress Easy Forms for Mailchimp Plugin <= 6.8.8 is vulnerable to Cross Site Scripting (XSS)

Software Easy Forms for Mailchimp Type Plugin Vulnerable versions = 6.8.8 Fixed in 6.8.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23900 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID d4b18f8ce4ea Credits Rafie...

6.1CVSS5.7AI score0.00362EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/24 6:30 p.m.9 views

CVE-2023-1324 Easy Forms for MailChimp < 6.8.8 - Reflected XSS

The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6AI score0.00559EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/04/17 12:0 a.m.4 views

WordPress Plugin Easy Forms for Mailchimp 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS6.5AI score0.00529EPSS
Exploits2References2
Rows per page
Query Builder