CVE-2024-29793
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS. This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...
CVE-2024-29793 WordPress MailChimp Forms by MailMunch plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS. This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...
CVE-2024-29793
CVE-2024-29793 is a Stored XSS in the MailChimp Forms by MailMunch plugin for WordPress, affecting versions up to 3.2.2. The vulnerability is described as Stored XSS via Shortcode. Wordfence and related feeds note that the issue has been patched; specific fixed vers...
PT-2024-23037 · Mailmunch · Mailchimp Forms By Mailmunch
Name of the Vulnerable Software and Affected Versions: MailChimp Forms by MailMunch versions 3.2.2 and earlier
Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...
WordPress Plugin MailChimp Forms by MailMunch Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
WordPress MailChimp Forms by MailMunch Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS)
Software: MailChimp Forms by MailMunch; Type: Plugin; Vulnerable versions: <= 3.2.2; Fixed in: 3.2.3; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-29793; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: b65cb3b63fe6; Credits: Ngô Thiên An ancorn from...
Easy Forms for Mailchimp <= 6.9.0 - Sensitive Information Exposure via logfile
Description: The plugin stores its logs at a predictable path, making it easy for anyone to leak their content...
WordPress Easy Forms for Mailchimp Plugin <= 6.9.0 is vulnerable to Sensitive Data Exposure
Software: Easy Forms for Mailchimp; Type: Plugin; Vulnerable versions: <= 6.9.0; Fixed in: N/A; OWASP Top 10: A9: Security Logging and Monitoring Failures; Classification: Sensitive Data Exposure; CVE: CVE-2024-25095; Patch priority: Low; CVSS severity: Low 7.5; Developer: Claim ownership; PSID: 268130a7347a; Credits...
Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacki...
CVE-2024-22134
Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp. This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...
CVE-2024-22134
Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp. This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...
Server side request forgery (ssrf)
Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp. This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...
CVE-2024-22134
The CVE CVE-2024-22134 concerns a Server-Side Request Forgery (SSRF) in the WordPress plugin “Contact Form 7 Extension For Mailchimp” (Renzo Johnson). Affected versions are
CVE-2024-22134 WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Server Side Request Forgery (SSRF)
Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp. This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...
CVE-2024-22134 WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Server Side Request Forgery (SSRF)
Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp. This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...
WordPress plugin Contact Form 7 Extension For Mailchimp Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in the...
Contact Form 7 Extension For Mailchimp <= 0.5.70 - Subscriber+ Server-Side Request Forgery
Description: The plugin is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.5.70. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application which can ...
CVE-2023-4925
The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
CVE-2023-4925
The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
Cross site scripting
The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...