CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

NVD•added 2026/05/27 7:16 a.m.•4 views

CVE-2026-8868

The Single Mailchimp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'single-mailchimp' shortcode in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes autocomplete, label,...

6.4CVSS0.00032EPSS

Exploits0References3

CVE•added 2026/05/27 5:31 a.m.•9 views

CVE-2026-8868

CVE-2026-8868 : The WordPress Single Mailchimp plugin (versions up to 1.4) is vulnerable to Stored Cross-Site Scripting via the single-mailchimp shortcode. In shortcodes.php, the single_mailchimp() function concatenates unfiltered user-supplied attributes (autocomplete, label, placeholder, btn_te...

6.4CVSS6AI score0.00032EPSS

Exploits0References3

ATTACKERKB•added 2026/05/27 5:31 a.m.•4 views

CVE-2026-8868

6AI score0.00032EPSS

Exploits0References4

Vulnrichment•added 2026/05/27 5:31 a.m.•5 views

CVE-2026-8868 Single Mailchimp <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS6AI score0.00032EPSS

Exploits0References3

Cvelist•added 2026/05/27 5:31 a.m.•22 views

CVE-2026-8868 Single Mailchimp <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS0.00032EPSS

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•3 views

WordPress plugin Single Mailchimp 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00032EPSS

Exploits0References3