CVE-2025-12172

The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on the mailchimpsfchangelistifnecessary function. This makes it possible for unauthenticated attacke...

CVE-2025-12172 Mailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List Change

The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on the mailchimpsfchangelistifnecessary function. This makes it possible for unauthenticated attacke...

WordPress plugin Mailchimp List Subscribe Form 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

EUVD-2023-37491

Malicious code in bioql PyPI...

EUVD-2023-36761

Malicious code in bioql PyPI...

CVE-2025-28985

Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through = 1.2.2...

CVE-2025-28985

CVE-2025-28985 describes a Missing Authorization vulnerability in the Elastic Email Subscribe Form WordPress plugin, affecting versions from n/a through 1.2.2. Connected sources indicate the patch status as Unpatched; no public fix version is provided in the documents.

CVE-2025-28985 WordPress Elastic Email Subscribe Form <= 1.2.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elastic Email Subscribe Form: from n/a through 1.2.2...

CVE-2025-28985 WordPress Elastic Email Subscribe Form plugin <= 1.2.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form elastic-email-subscribe-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elastic Email Subscribe Form: from n/a through = 1.2.2...

PT-2025-24132 · Unknown · Email Subscribe Form

Name of the Vulnerable Software and Affected Versions: Elastic Email Subscribe Form versions 1.2.2 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Elastic Email Subscribe Form, which allows exploitation due to incorrectly configured access control...

WordPress Elastic Email Subscribe Form plugin <= 1.2.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Elastic Email Subscribe Form versions = 1.2.2...

CVE-2023-32517

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

WordPress MailChimp Subscribe Form plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin MailChimp Subscribe Forms versions = 4.1...

CVE-2024-43211 WordPress MailChimp Subscribe Form plugin <=4.0.9.9 - Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through 4.0.9.9...

CVE-2023-32517

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

CVE-2023-32517

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

Open redirect

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3...

CVE-2023-32517

CVE-2023-32517 is an Open Redirect vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, and Form Builder for WordPress. Affected versions are up to and including 4.0.9.3 (vendor/product: MailChimp Subscribe Forms plugins). The root cause is an untrusted URL redirecti...

WordPress Plugin MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder Input Validation Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin MailChimp Subscribe Form,...

PT-2023-23850 · Pluginops · Form Builder +3

Name of the Vulnerable Software and Affected Versions: PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder versions 4.0.9.3 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability. This...