Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:31 a.m.13 views

CVE-2023-1323

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.7AI score0.00444EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/06/16 12:0 a.m.30 views

WordPress Easy Forms for Mailchimp Plugin < 6.8.9 Multiple Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yikesinc:easyformsformailchimp"; ifdescription...

6.1CVSS6.9AI score0.01092EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2023/06/12 5:28 p.m.16 views

CVE-2023-1323 Easy Forms for MailChimp < 6.8.9 - Admin+ Stored XSS

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

5.7AI score0.00444EPSS
Exploits1References1
CVE
CVE
added 2023/06/12 5:28 p.m.58 views

CVE-2023-1323

The CVE-2023-1323 entry concerns the WordPress plugin Easy Forms for Mailchimp, affected in versions prior to 6.8.9. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient sanitisation/escaping of certain form parameters, enabling high-privilege users (e.g., admins) ...

4.8CVSS4.7AI score0.00444EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/06/12 5:28 p.m.25 views

CVE-2023-1323 Easy Forms for MailChimp < 6.8.9 - Admin+ Stored XSS

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

5.1AI score0.00444EPSS
Exploits1References1
Rows per page
Query Builder