649 matches found

NVD
added 2024/10/17 6:15 p.m. · 30 views

CVE-2024-49285

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jeroen Berkvens SSV MailChimp ssv-mailchimp allows PHP Local File Inclusion. This issue affects SSV MailChimp: from n/a through <= 3.1.5...

CVSS 7.5 · EPSS 0.0051
Exploits: 0 · References: 1

Cvelist
added 2024/10/17 5:17 p.m. · 21 views

CVE-2024-49285 WordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jeroen Berkvens SSV MailChimp ssv-mailchimp allows PHP Local File Inclusion. This issue affects SSV MailChimp: from n/a through <= 3.1.5...

CVSS 7.5 · EPSS 0.0051
Exploits: 0 · References: 1

CVE
added 2024/10/17 5:17 p.m. · 53 views

CVE-2024-49285

CVE-2024-49285 affects the WordPress plugin SSV MailChimp (versions

CVSS 7.5 · AI score 5.9 · EPSS 0.0051
Exploits: 0 · References: 1

Vulnrichment
added 2024/10/17 5:17 p.m. · 14 views

CVE-2024-49285 WordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV MailChimp allows PHP Local File Inclusion. This issue affects SSV MailChimp: from n/a through 3.1.5...

CVSS 7.5 · AI score 6.9 · EPSS 0.0051
Exploits: 0 · References: 1

Positive Technologies
added 2024/10/17 12:00 a.m. · 3 views

PT-2024-33425 · Unknown · Moridrin Ssv Mailchimp

Name of the Vulnerable Software and Affected Versions: Moridrin SSV MailChimp versions 3.1.5 and earlier
Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This allows for PHP Local File Inclusion. T...

CVSS 7.5 · AI score 7.1 · EPSS 0.0051
Exploits: 0 · References: 5

CNNVD
added 2024/10/17 12:00 a.m. · 4 views

WordPress plugin SSV MailChimp security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 7.5 · AI score 6.7 · EPSS 0.0051
Exploits: 0 · References: 2

Patchstack
added 2024/10/15 11:26 a.m. · 5 views

WordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar (Patchstack Alliance) in WordPress Plugin SSV MailChimp versions <= 3.1.5...

CVSS 7.5 · AI score 7 · EPSS 0.0051
Exploits: 0 · Affected Software: 1

Patchstack
added 2024/10/15 12:00 a.m. · 9 views

WordPress SSV MailChimp Plugin <= 3.1.5 is vulnerable to Local File Inclusion

Software: SSV MailChimp · Type: Plugin · Vulnerable versions: <= 3.1.5 · Fixed in: N/A · OWASP Top 10: A3: Injection · Classification: Local File Inclusion · CVE: CVE-2024-49285 · Patch priority: High · CVSS severity: High (7.5) · Developer: Claim ownership · PSID: 383b9dc2b560 · Credits: tahu.datar · Required privilege: Unauthenticate...

CVSS 7.5 · AI score 6.8 · EPSS 0.0051
Exploits: 0 · References: 2 · Affected Software: 1

Patchstack
added 2024/10/14 12:28 a.m. · 4 views

WordPress Forms for Mailchimp by Optin Cat plugin <= 2.5.7 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters vulnerability

Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters vulnerability discovered by mike harris in WordPress Plugin Forms for Mailchimp by Optin Cat versions <= 2.5.7...

CVSS 4.4 · AI score 5.8 · EPSS 0.00325
Exploits: 0 · References: 1 · Affected Software: 1

Patchstack
added 2024/10/14 12:00 a.m. · 10 views

WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.6 is vulnerable to Cross Site Scripting (XSS)

Software: Forms for Mailchimp by Optin Cat · Type: Plugin · Vulnerable versions: <= 2.5.6 · Fixed in: N/A · OWASP Top 10: A7: Cross-Site Scripting (XSS) · Classification: Cross Site Scripting (XSS) · CVE: CVE-2024-7489 · Patch priority: Low · CVSS severity: Low (5.9) · Developer: Claim ownership · PSID: 2fb4093a4680 · Credits: mike harr...

CVSS 4.4 · AI score 5.8 · EPSS 0.00325
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2024/10/12 6:15 a.m. · 11 views

CVE-2024-7489

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 4.4 · EPSS 0.00325
Exploits: 0 · References: 4

CVE
added 2024/10/12 5:39 a.m. · 44 views

CVE-2024-7489

CVE-2024-7489 — Stored XSS in WordPress plugin Forms for Mailchimp by Optin Cat (up to v2.5.6). Vulnerability: insufficient input sanitization and output escaping for form color parameters. Impact: authenticated attackers with editor+ privileges can inject scripts that execute when a user visits ...

CVSS 4.4 · AI score 6.1 · EPSS 0.00325
Exploits: 0 · References: 4

Vulnrichment
added 2024/10/12 5:39 a.m. · 9 views

CVE-2024-7489 Forms for Mailchimp by Optin Cat <= 2.5.7 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 4.4 · AI score 6.1 · EPSS 0.00325
Exploits: 0 · References: 4

Cvelist
added 2024/10/12 5:39 a.m. · 24 views

CVE-2024-7489 Forms for Mailchimp by Optin Cat <= 2.5.7 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 4.4 · EPSS 0.00325
Exploits: 0 · References: 4

Positive Technologies
added 2024/10/12 12:00 a.m. · 6 views

PT-2024-38379 · WordPress · Forms For Mailchimp By Optin Cat

Name of the Vulnerable Software and Affected Versions: The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress versions up to, and including, 2.5.6
Description: The issue is related to Stored Cross-Site Scripting via the form color parameters due to insufficient input...

CVSS 4.4 · AI score 5.9 · EPSS 0.00325
Exploits: 0 · References: 7

CNNVD
added 2024/10/12 12:00 a.m. · 4 views

WordPress plugin Forms for Mailchimp by Optin Cat cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

CVSS 4.4 · AI score 5.7 · EPSS 0.00325
Exploits: 0 · References: 4

NVD
added 2024/10/02 8:15 a.m. · 10 views

CVE-2024-9210

The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

CVSS 6.1 · EPSS 0.00355
Exploits: 0 · References: 3

OSV
added 2024/10/02 8:15 a.m. · 4 views

CVE-2024-9210

The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

CVSS 6.1 · AI score 6 · EPSS 0.00355
Exploits: 0 · References: 3

Cvelist
added 2024/10/02 7:35 a.m. · 16 views

CVE-2024-9210 MC4WP: Mailchimp Top Bar <= 1.6.0 - Reflected Cross-Site Scripting

The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

CVSS 6.1 · EPSS 0.00355
Exploits: 0 · References: 3

Vulnrichment
added 2024/10/02 7:35 a.m. · 14 views

CVE-2024-9210 MC4WP: Mailchimp Top Bar <= 1.6.0 - Reflected Cross-Site Scripting

The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

CVSS 6.1 · AI score 6.1 · EPSS 0.00355
Exploits: 0 · References: 3