EUVD-2019-6319

Malware in sbrugna...

GHSA-837V-6VGX-JQCC yikes-inc-easy-mailchimp-extender Cross-site Scripting vulnerability

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/addfieldtoform.php. The manipulation of the argument fieldname/mergetag/fieldtype/listid leads to cross site scripting. It...

yikes-inc-easy-mailchimp-extender Cross-site Scripting vulnerability

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/addfieldtoform.php. The manipulation of the argument fieldname/mergetag/fieldtype/listid leads to cross site scripting. It...

CVE-2021-4244

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/addfieldtoform.php. The manipulation of the argument fieldname/mergetag/fieldtype/listid leads to cross site scripting. It...

CVE-2021-4244

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/addfieldtoform.php. The manipulation of the argument fieldname/mergetag/fieldtype/listid leads to cross site scripting. It...

PT-2022-11596 · WordPress · Yikes-Inc-Easy-Mailchimp-Extender

Name of the Vulnerable Software and Affected Versions: yikes-inc-easy-mailchimp-extender Plugin versions up to 6.8.5 Description: A vulnerability has been found in the yikes-inc-easy-mailchimp-extender Plugin, affecting an unknown part of the file admin/partials/ajax/add field to form.php. The...

CVE-2021-4244

CVE-2021-4244 affects the yikes-inc-easy-mailchimp-extender WordPress plugin up to version 6.8.5. The vulnerability resides in admin/partials/ajax/add_field_to_form.php where manipulation of the arguments field_name, merge_tag, field_type, or list_id enables cross-site scripting. It can be exploi...

WordPress yikes-inc-easy-mailchimp-extender plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. yikes-inc-easy-mailchimp-extender is used in one of the user registration form to add plug-ins . A cross-site scripting...

CVE-2019-15318

The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field...

Code injection

The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field...

CVE-2019-15318

The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field...

CVE-2019-15318

CVE-2019-15318 concerns the WordPress plugin yikes-inc-easy-mailchimp-extender (before 6.5.3) with a vulnerability described as code injection via an admin input field. The NVD record lists a high base score (CVSS v2: 7.5; CVSS v3.0: 9.8, CRITICAL) and indicates network attack vector with low com...