7 matches found
EUVD-2022-34542
Malicious code in bioql PyPI...
EUVD-2023-54761
Malicious code in bioql PyPI...
EUVD-2022-34810
Malicious code in bioql PyPI...
EUVD-2023-23581
Malicious code in bioql PyPI...
CVE-2024-7489
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2022-2267
The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJAX action that allows any logged-in user, such as a subscriber, to perform a POST request on behalf of the server to the internal network/LAN; the body of the request is also appended to the response so it can be used to scan priva...
CVE-2024-8870
The CVE-2024-8870 entry concerns the WordPress plugin Forms for Mailchimp by Optin Cat – Grow Your MailChimp List, with a Reflected Cross-Site Scripting (XSS) flaw caused by improper escaping of add_query_arg. Affected versions are all up to and including 2.5.6. Unauthenticated attackers could in...