kavas.com XSS vulnerability

Open Bug Bounty ID: OBB-676725 Description| Value ---|--- Affected Website:| kavas.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

MailChimp Bans ICO & Blockchain Marketing- Fundraisers Devastated

By Waqas Well-known email distribution platform MailChimp announced a change in its This is a post from HackRead.com Read the original post: MailChimp Bans ICO & Blockchain Marketing- Fundraisers Devastated...

WordPress MailChimp for WooCommerce plugin <= 2.1.1 - Local File Inclusion

WordPress MailChimp for WooCommerce plugin is prone to a Local File Inclusion vulnerability in 2.1.2 version. The vulnerability was in /admin/partials/tabs/notices.php file in if isset $GET'errornotice' ... IF conditional statement which lead to includeDIR.'/errors/'.$GET'errornotice'.'.php'; loc...

Hiro: Weak crossdomain.xml

The e-mail list management service used by Blockstack operated by MailChimp has a lenient cross-domain flash policy -- this is not a vulnerability, however, the crossdomain.xml used by the mailing service is more lenient than used by normal web services...

MailChimp for WordPress <= 4.1.6 - Authenticated Cross-Site Scripting (XSS)

Usage of the output of addqueryarg without escaping in various places in the WordPress Backend leads to reflected XSS vulnerability. PoC URL/wp-admin/admin.php?page=mailchimp-for-wp-integrations&"...

MailChimp for WordPress <= 4.1.6 - Authenticated Cross-Site Scripting (XSS)

Usage of the output of addqueryarg without escaping in various places in the WordPress Backend leads to reflected XSS vulnerability. URL/wp-admin/admin.php?page=mailchimp-for-wp-integrations&"alert1...

Mailchimp For WP < 4.1.8 - XSS

The MC4WP: Mailchimp for WordPress WordPress plugin was affected by a XSS security vulnerability...

mailchimp.com XSS vulnerability

Vulnerable URL: https://mailchimp.com/holiday-tips/tip-sign-up/?source=%22%3E%3Csvg/onload=alert%27OPENBUGBOUNTY%27%3E Details: Description| Value ---|--- Patched:| Yes, at 25.10.2017 Latest check for patch:| 25.10.2017 05:30 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

WordPress MailChimp 3.1.5 / 4.0.10 Cross Site Scripting Vulnerability

WordPress MailChimp versions 3.1.5 and 4.0.10 suffer from a cross site scripting vulnerability. Details ================ Software: MailChimp for WordPress Version: 3.1.5,4.0.10 Homepage: http://wordpress.org/plugins/mailchimp-for-wp/ Advisory report:...

WordPress plugin MailChimp cross-site scripting vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . A cross-site scripting vulnerability exists in the integration parameter of the admin.php page of the WordPress...

WordPress MailChimp 3.1.5 / 4.0.10 Cross Site Scripting

Details ================ Software: MailChimp for WordPress Version: 3.1.5,4.0.10 Homepage: http://wordpress.org/plugins/mailchimp-for-wp/ Advisory report: https://security.dxw.com/advisories/reflected-xss-in-mailchimp-for-wordpress-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can/...

WordPress MailChimp Plugin <= 4.0.10 - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability. Solution Update the plugin...

MailChimp for WordPress <= 4.0.10 - Authenticated Cross-Site Scripting (XSS)

The MC4WP: Mailchimp for WordPress WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

WordPress MailChimp 4.0.7 Cross Site Request Forgery / Cross Site Scripting

Exploit Title : WordPress Plugin MailChimp 4.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting Exploit Author : Persian Hack Team Vendor Homepage : https://wordpress.org/plugins/mailchimp-for-wp/ Category: Webapps Tested on: Win Version: 4.0.7 Date: 2016/11/19 PoC: I would like t...

Easy Forms for MailChimp <= 6.0.5.5 - Local File Inclusion (LFI)

The Easy Forms for Mailchimp WordPress plugin was affected by a Local File Inclusion LFI security vulnerability...

WordPress Easy MailChimp Forms Plugin <= 6.0.5.5 - Local File Inclusion

Because of this vulnerability, attackers can run arbitrary PHP code. Solution Update the plugin...

WordPress Easy Forms For MailChimp 6.0.5.5 Local File Inclusion

------------------------------------------------------------------------ Easy Forms for MailChimp Local File Inclusion vulnerability ------------------------------------------------------------------------ Yorick Koster, July 2016...

creative.mailchimp.com XSS vulnerability

Vulnerable URL: http://creative.mailchimp.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

blog.mailchimp.com XSS vulnerability

Vulnerable URL: http://blog.mailchimp.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 13.04.2017 Latest check for patch:| 13.04.2017 20:13 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

MailChimp for Android - Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application MailChimp for Android published at the 'play' market has multiple vulnerabilities...