5 matches found
CVE-2023-1323
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
WordPress Easy Forms for Mailchimp Plugin < 6.8.9 Multiple Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yikesinc:easyformsformailchimp"; ifdescription...
CVE-2023-1323 Easy Forms for MailChimp < 6.8.9 - Admin+ Stored XSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...
CVE-2023-1323
The CVE-2023-1323 entry concerns the WordPress plugin Easy Forms for Mailchimp, affected in versions prior to 6.8.9. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient sanitisation/escaping of certain form parameters, enabling high-privilege users (e.g., admins) ...
CVE-2023-1323 Easy Forms for MailChimp < 6.8.9 - Admin+ Stored XSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...