
649 matches found

WPVulnDB
added 2014/09/18 3:17 p.m., 5 views

Easy Forms for MailChimp 5.0.3 - classes/class.yksemeBase.php Multiple Actions CSRF

The Easy Forms for Mailchimp WordPress plugin was affected by a classes/class.yksemeBase.php Multiple Actions CSRF security vulnerability...

AI score: 2.5
Exploits: 0, Affected Software: 1

Patchstack
added 2014/09/18 12:0 a.m., 17 views

WordPress Easy MailChimp Forms Plugin <= 5.0.3 - CSRF

This plugin is prone to a cross-site request forgery vulnerability via classes/class.yksemeBase.php. Solution: Update the plugin...

AI score: 3.6
Exploits: 0, Affected Software: 1

WPVulnDB
added 2014/08/01 10:59 a.m., 11 views

Nmedia MailChimp 3.1 - api_mailchimp/postToMailChimp.php abs_path Parameter XSS

The N-Media MailChimp Subscription WordPress plugin was affected by an api_mailchimp/postToMailChimp.php abs_path Parameter XSS security vulnerability...

AI score: 2.1
Exploits: 0, Affected Software: 1

Patchstack
added 2014/08/01 12:0 a.m., 11 views

WordPress Nmedia MailChimp Plugin <= 3.1 - XSS

This plugin is prone to a cross-site scripting vulnerability in the api_mailchimp/postToMailChimp.php abs_path parameter. Solution: Update the plugin...

AI score: 2.4
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2012/12/03 9:55 p.m., 15 views

CVE-2012-5551

Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests."...

CVSS: 4.3, AI score: 5.8, EPSS: 0.01161
Exploits: 0, References: 4

Prion
added 2012/12/03 9:55 p.m., 11 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests."...

CVSS: 4.3, AI score: 6.1, EPSS: 0.01161
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2012/12/03 9:0 p.m., 41 views

CVE-2012-5551

CVE-2012-5551 affects the Drupal MailChimp module (7.x-2.x) prior to 7.x-2.7. The root cause is two XSS vectors: (1) a predictable webhook URL key and (2) improper sanitization of webhook variables coming from POST requests. This allows remote attackers to inject arbitrary scripts/HTML. Impact is...

CVSS: 4.3, AI score: 5.8, EPSS: 0.01161
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2012/12/03 9:0 p.m., 16 views

CVE-2012-5551

Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests."...

AI score: 5.8, EPSS: 0.01161
Exploits: 0, References: 4

Drupal
added 2012/10/24 12:0 a.m., 22 views

SA-CONTRIB-2012-158 - MailChimp - Cross Site Scripting (XSS)

This module provides integration with the MailChimp email delivery service. There are two issues with the webhook processing, which is exposed as an API in mailchimp.module and used by mailchimplists.module to update subscriber information. The webhook URL key can be trivially calculated. Webhook...

CVSS: 4.3, AI score: 6.4, EPSS: 0.01161
Exploits: 0, References: 9