649 matches found

Cvelist
added 2024/01/15 3:10 p.m. · 34 views

CVE-2023-4925 Easy Forms for Mailchimp <= 6.8.10 - Admin+ Stored Cross-Site Scripting

The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...

AI score 5 · EPSS 0.00402
Exploits 2 · References 1

CVE
added 2024/01/15 3:10 p.m. · 47 views

CVE-2023-4925

The CVE-2023-4925 entry concerns the Easy Forms for Mailchimp WordPress plugin (versions up to 6.8.10). Affected component: plugin settings sanitization/escaping, which is inadequate across some settings. Root cause: lack of proper sanitization/escaping enables stored Cross-Site Scripting when hi...

CVSS 4.8 · AI score 4.8 · EPSS 0.00402
Exploits 2 · References 1 · Affected Software 1

CNNVD
added 2024/01/15 12:0 a.m. · 5 views

WordPress Plugin Easy Forms for Mailchimp Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 4.8 · AI score 6 · EPSS 0.00402
Exploits 2 · References 2

Positive Technologies
added 2024/01/15 12:0 a.m. · 4 views

PT-2024-13708 · WordPress · Easy Forms For Mailchimp

Name of the Vulnerable Software and Affected Versions: Easy Forms for Mailchimp WordPress plugin versions 6.8.10 and earlier
Description: The issue concerns the lack of proper sanitization and escaping of some settings in the plugin, which could allow high-privilege users, such as administrators,...

CVSS 4.8 · AI score 4.7 · EPSS 0.00402
Exploits 2 · References 6

Patchstack
added 2024/01/08 12:0 a.m. · 12 views

WordPress Contact Form 7 Extension For Mailchimp Plugin <= 0.5.70 is vulnerable to Server Side Request Forgery (SSRF)

Software: Contact Form 7 Extension For Mailchimp; Type: Plugin; Vulnerable versions: <= 0.5.70; Fixed in: N/A; OWASP Top 10: A10: Server-Side Request Forgery (SSRF); Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-22134; Patch priority: Low; CVSS severity: Low (4.9); Developer Claim ownership PSID...

CVSS 6.5 · AI score 6.6 · EPSS 0.00277
Exploits 0 · References 1 · Affected Software 1

NVD
added 2023/12/29 10:15 a.m. · 12 views

CVE-2023-32517

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder. This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

CVSS 6.1 · EPSS 0.00351
Exploits 0 · References 1

Prion
added 2023/12/29 10:15 a.m. · 21 views

Open redirect

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder. This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

CVSS 5.8 · AI score 7.1 · EPSS 0.00351
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/12/29 10:5 a.m. · 24 views

CVE-2023-32517 WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.3 is vulnerable to Open Redirection

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder. This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

CVSS 4.7 · AI score 6.5 · EPSS 0.00351
Exploits 0 · References 1

CVE
added 2023/12/29 10:5 a.m. · 58 views

CVE-2023-32517

CVE-2023-32517 is an Open Redirect vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, and Form Builder for WordPress. Affected versions are up to and including 4.0.9.3 (vendor/product: MailChimp Subscribe Forms plugins). The root cause is an untrusted URL redirecti...

CVSS 6.1 · AI score 7 · EPSS 0.00351
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2023/12/29 12:0 a.m. · 4 views

WordPress Plugin MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder Input Validation Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin MailChimp Subscribe Form,...

CVSS 6.1 · AI score 6.6 · EPSS 0.00351
Exploits 0 · References 2

Positive Technologies
added 2023/12/29 12:0 a.m. · 5 views

PT-2023-23850 · Pluginops · Form Builder +3

Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder versions 4.0.9.3 and earlier
Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This...

CVSS 6.1 · AI score 6.6 · EPSS 0.00351
Exploits 0 · References 6

WPVulnDB
added 2023/12/21 12:0 a.m. · 15 views

Easy Forms for Mailchimp < 6.9.0 - Admin+ Stored Cross-Site Scripting

Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. PoC: 1. Create a new opt-in form 2. Edit the form, and add a "First name" field. 3. Update the...

CVSS 4.8 · AI score 4.8 · EPSS 0.00402
Exploits 2 · Affected Software 1

wpexploit
added 2023/12/21 12:0 a.m. · 194 views

Easy Forms for Mailchimp < 6.9.0 - Admin+ Stored Cross-Site Scripting

Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. 1. Create a new opt-in form 2. Edit the form, and add a "First name" field. 3. Update the form...

CVSS 4.8 · AI score 4.8 · EPSS 0.00402
Exploits 2

WPVulnDB
added 2023/11/23 12:0 a.m. · 8 views

Forms for Mailchimp by Optin Cat < 2.5.5 - Authenticated (Editor+) Stored Cross-Site Scripting

Description: The Forms for Mailchimp by Optin Cat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the paramsstr function in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

CVSS 5.9 · AI score 5.9 · EPSS 0.00382
Exploits 0 · References 1 · Affected Software 1

NVD
added 2023/11/14 9:15 p.m. · 25 views

CVE-2023-47545

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin <= 2.5.4 versions...

CVSS 5.9 · EPSS 0.00382
Exploits 0 · References 1

OSV
added 2023/11/14 9:15 p.m. · 5 views

CVE-2023-47545

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin <= 2.5.4 versions...

CVSS 5.4 · AI score 7.3 · EPSS 0.00382
Exploits 0 · References 1

Prion
added 2023/11/14 9:15 p.m. · 20 views

Cross site scripting

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin <= 2.5.4 versions...

CVSS 4.9 · AI score 5.8 · EPSS 0.00382
Exploits 0 · References 1 · Affected Software 1

CVE
added 2023/11/14 8:55 p.m. · 67 views

CVE-2023-47545

CVE-2023-47545 affects Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress, versions = 2.5.5 recommended.

CVSS 5.9 · AI score 5.4 · EPSS 0.00382
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/11/14 8:55 p.m. · 25 views

CVE-2023-47545 WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS)

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin <= 2.5.4 versions...

CVSS 5.9 · AI score 5.6 · EPSS 0.00382
Exploits 0 · References 1

Positive Technologies
added 2023/11/14 12:0 a.m. · 7 views

PT-2023-30495 · Fatcat Apps · Fatcat Apps Forms For Mailchimp

Name of the Vulnerable Software and Affected Versions: Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin versions <= 2.5.4
Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that affects users with editor or higher permissions. This ty...

CVSS 5.9 · AI score 5.4 · EPSS 0.00382
Exploits 0 · References 3