Lucene search
K

649 matches found

NVD
NVD
added 2025/07/04 9:15 a.m.6 views

CVE-2025-29012

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on CF7-mailchimp-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.4...

5.3CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/04 8:42 a.m.2 views

CVE-2025-29012 WordPress CF7 7 Mailchimp Add-on plugin <= 2.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.2...

5.3CVSS7.1AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/04 8:42 a.m.10 views

CVE-2025-29012 WordPress CF7 7 Mailchimp Add-on plugin < 2.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on CF7-mailchimp-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.4...

5.3CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/07/04 8:42 a.m.21 views

CVE-2025-29012

CVE-2025-29012 affects the CF7 7 Mailchimp Add-on with Missing Authorization due to incorrectly configured access control. Affected versions are n/a through 2.2; Patch Status is Unpatched per Wordfence listings and Red Hat/CVE aggregations. The connected documents corroborate a Broken Access Cont...

5.3CVSS5.9AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.2 views

PT-2025-27884 · Unknown · Kamleshyadav Cf7 7 Mailchimp Add-On

Name of the Vulnerable Software and Affected Versions: kamleshyadav CF7 7 Mailchimp Add-on versions n/a through 2.2 Description: The issue is related to a Missing Authorization vulnerability that allows exploitation of incorrectly configured access control security levels. Recommendations: For...

5.3CVSS6.1AI score0.00211EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.3 views

WordPress plugin CF7 7 Mailchimp Add-on 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

5.3CVSS6.5AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:42 a.m.7 views

CVE-2025-22727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps MailChimp Subscribe Forms mailchimp-subscribe-sm allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through = 4.1...

6.5CVSS7.2AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:43 a.m.4 views

CVE-2024-7489

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS6.1AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.13 views

CVE-2024-29793

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...

6.5CVSS8.6AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.6 views

CVE-2024-22134

Server-Side Request Forgery SSRF vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...

6.5CVSS7.1AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.3 views

CVE-2024-30523

Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp.This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through 2.3.4...

5.3CVSS8.6AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:29 a.m.4 views

CVE-2024-5053

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. This makes it...

4.3CVSS5.9AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:13 a.m.8 views

CVE-2024-9210

The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

6.1CVSS6.4AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.16 views

CVE-2024-6489

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getgoogleapikey function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level access a...

5.3CVSS6.4AI score0.00298EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:0 a.m.18 views

CVE-2024-6491

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimpapikeymanage function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS6.4AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:57 a.m.4 views

CVE-2024-33677

Cross-Site Request Forgery CSRF vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...

4.3CVSS5.1AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:39 a.m.6 views

CVE-2024-31378

Cross-Site Request Forgery CSRF vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1...

8.8CVSS5.1AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.5 views

CVE-2024-8870

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated...

6.1CVSS6.1AI score0.00494EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.7 views

CVE-2024-8726

The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.4AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:19 a.m.6 views

CVE-2024-8850

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email' parameter when a placeholder such as email is used for the field in versions 4.9.9 to 4.9.16 due to insufficient input sanitization and output escaping. This makes it possible f...

6.1CVSS6.3AI score0.00453EPSS
Exploits0References1
Rows per page
Query Builder