CVE-2023-3709 Royal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key Disclosure

The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to...

PT-2023-25787 · Mailchimp +1 · Mailchimp +1

Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons plugin for WordPress versions up to, and including, 1.3.70 Description: The issue allows unauthenticated attackers to obtain a site's MailChimp API key due to the plugin adding the API key to the source code of any...