Lucene search
+L

653 matches found

Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.9 views

PT-2025-40059

Name of the Vulnerable Software and Affected Versions The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress versions up to and including 1.1.12 Description The software is susceptible to a Blind Server-Side Request Forgery issue. This allows unauthenticated attackers to...

4CVSS6.4AI score0.00285EPSS
Exploits0References9
Patchstack
Patchstack
added 2025/09/30 9:42 p.m.8 views

WordPress Block For Mailchimp plugin <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery vulnerability

Unauthenticated Blind Server-Side Request Forgery vulnerability discovered by D01EXPLOIT OFFICIAL in WordPress Plugin MailChimp Block versions = 1.1.12...

4CVSS6.8AI score0.00285EPSS
Exploits0References1Affected Software1
HackRead
HackRead
added 2025/07/31 7:56 p.m.16 views

Everest Ransomware Claims Mailchimp as New Victim in Relatively Small Breach

Everest ransomware claims Mailchimp breach, leaks 943,000 lines of data. While limited in size, it adds to a spike in global ransomware activity this July...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/06 9:7 a.m.10 views

CVE-2025-29012

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on CF7-mailchimp-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.4...

5.3CVSS5.9AI score0.00211EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 9:15 a.m.8 views

CVE-2025-29012

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on CF7-mailchimp-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.4...

5.3CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/04 8:42 a.m.4 views

CVE-2025-29012 WordPress CF7 7 Mailchimp Add-on plugin <= 2.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.2...

5.3CVSS7.1AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/04 8:42 a.m.14 views

CVE-2025-29012 WordPress CF7 7 Mailchimp Add-on plugin < 2.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on CF7-mailchimp-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.4...

5.3CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/07/04 8:42 a.m.26 views

CVE-2025-29012

CVE-2025-29012 affects the CF7 7 Mailchimp Add-on with Missing Authorization due to incorrectly configured access control. Affected versions are n/a through 2.2; Patch Status is Unpatched per Wordfence listings and Red Hat/CVE aggregations. The connected documents corroborate a Broken Access Cont...

5.3CVSS5.9AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.7 views

PT-2025-27884 · Unknown · Kamleshyadav Cf7 7 Mailchimp Add-On

Name of the Vulnerable Software and Affected Versions: kamleshyadav CF7 7 Mailchimp Add-on versions n/a through 2.2 Description: The issue is related to a Missing Authorization vulnerability that allows exploitation of incorrectly configured access control security levels. Recommendations: For...

5.3CVSS6.1AI score0.00211EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.6 views

WordPress plugin CF7 7 Mailchimp Add-on 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

5.3CVSS6.5AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:42 a.m.9 views

CVE-2025-22727

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps MailChimp Subscribe Forms mailchimp-subscribe-sm allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through = 4.1...

6.5CVSS7.2AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:43 a.m.5 views

CVE-2024-7489

The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS6.1AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.15 views

CVE-2024-29793

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2...

6.5CVSS8.6AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.9 views

CVE-2024-22134

Server-Side Request Forgery SSRF vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...

6.5CVSS7.1AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.5 views

CVE-2024-30523

Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp.This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through 2.3.4...

5.3CVSS8.6AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:29 a.m.6 views

CVE-2024-5053

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. This makes it...

4.3CVSS5.9AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:13 a.m.9 views

CVE-2024-9210

The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

6.1CVSS6.4AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.19 views

CVE-2024-6489

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getgoogleapikey function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level access a...

5.3CVSS6.4AI score0.00298EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:0 a.m.21 views

CVE-2024-6491

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimpapikeymanage function in all versions up to, and including, 2.0.10. This makes it possible for authenticated attackers, with Contributor-level...

4.3CVSS6.4AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:57 a.m.7 views

CVE-2024-33677

Cross-Site Request Forgery CSRF vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70...

4.3CVSS5.1AI score0.00201EPSS
Exploits0References1
Rows per page
Query Builder