5 matches found
CVE-2023-2518
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2518
creationtimestamp| type| source ---|---|--- 2025-03-19 21:02:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lkr3embel52p...
WordPress Easy Forms for Mailchimp Plugin < 6.8.9 Multiple Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yikesinc:easyformsformailchimp"; ifdescription...
CVE-2023-2518 Easy Forms for Mailchimp < 6.8.9 - Reflected XSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2518
CVE-2023-2518 affects the WordPress plugin Easy Forms for Mailchimp prior to version 6.8.9. The vulnerability is a reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of a parameter (sql_error) when the plugin’s debug option is enabled, allowing an attacker to execute arbi...