PT-2023-16895 · WordPress · Easy Forms For Mailchimp
Name of the Vulnerable Software and Affected Versions: Easy Forms for Mailchimp WordPress plugin versions prior to 6.8.9 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because the plugin does not properly saniti...
Fedora 38 : chromium (2023-6fe7ff3452)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6fe7ff3452 advisory. update to 114.0.5735.106. Fixes the following security issue: CVE-2023-3709 Tenable has extracted the preceding description block directly from the...
CVE-2023-2518
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Cross site scripting
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2518 Easy Forms for Mailchimp < 6.8.9 - Reflected XSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2518
CVE-2023-2518 affects the WordPress plugin Easy Forms for Mailchimp prior to version 6.8.9. The vulnerability is a reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of a parameter (sql_error) when the plugin’s debug option is enabled, allowing an attacker to execute arbi...
WordPress plugin Easy Forms for Mailchimp cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-19962 · WordPress · Easy Forms For Mailchimp
Name of the Vulnerable Software and Affected Versions: Easy Forms for Mailchimp WordPress plugin versions prior to 6.8.9 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs when the debug option is enabled, and a parameter is not properly sanitised and escaped...
CVE-2023-33328
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps MailChimp Subscribe Form plugin <= 4.0.9.1 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps MailChimp Subscribe Form plugin <= 4.0.9.1 versions...
CVE-2023-33328 WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.1 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps MailChimp Subscribe Form plugin <= 4.0.9.1 versions...
CVE-2023-33328
CVE-2023-33328 : A Stored Cross-Site Scripting (XSS) vulnerability in the PluginOps MailChimp Subscribe Form plugin (versions
PT-2023-24296 · Pluginops · Pluginops Mailchimp Subscribe Forms
Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Form plugin versions prior to 4.0.9.1 Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin or higher privileges. Recommendations: For...
WordPress plugin MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder 4.0.9.1 and cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
MailChimp Subscribe Forms < 4.0.9.2 - Admin+ Stored XSS
The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfiltered_html capability is disallowed (for example in a multisite setup)...
Easy Forms for Mailchimp < 6.8.9 - Reflected XSS
The plugin does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC When the debug settings is enabled ie...