CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting

The Easy Forms for Mailchimp plugin before version 6.8.9 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the sqlerror parameter before outputting it back in the page when the debug option is enabled, which could allow attackers to execute...

6.1CVSS6.5AI score0.15068EPSS

Exploits2References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-6319

Malware in sbrugna...

9.8CVSS9.4AI score0.00994EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-33108

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.08827EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-27983

Malicious code in bioql PyPI...

6.1CVSS7.1AI score0.00232EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-7558

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00289EPSS

Exploits0References6

RedhatCVE•added 2025/05/23 2:39 a.m.•4 views

CVE-2023-23900

Unauth. Reflected Cross-Site Scripting XSS vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin = 6.8.8 versions...

6.1CVSS5.8AI score0.00232EPSS

Exploits0References1

OSV•added 2023/08/10 12:15 p.m.•22 views

CVE-2023-23900

Unauth. Reflected Cross-Site Scripting XSS vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin = 6.8.8 versions...

6.1CVSS6.1AI score

Exploits0References1

Prion•added 2023/08/10 12:15 p.m.•18 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin = 6.8.8 versions...

5.8CVSS6AI score0.00232EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/08/10 11:30 a.m.•16 views

CVE-2023-23900 WordPress Easy Forms for Mailchimp Plugin <= 6.8.8 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin = 6.8.8 versions...

5.8CVSS6.1AI score0.00232EPSS

Exploits0References1

CVE•added 2023/08/10 11:30 a.m.•34 views

CVE-2023-23900

CVE-2023-23900 — WordPress plugin YIKES, Easy Forms for Mailchimp : An unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability affects the plugin versions

6.1CVSS5.7AI score0.00232EPSS

Exploits0References1Affected Software1

OSV•added 2022/12/12 3:30 p.m.•20 views

GHSA-837V-6VGX-JQCC yikes-inc-easy-mailchimp-extender Cross-site Scripting vulnerability

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/addfieldtoform.php. The manipulation of the argument fieldname/mergetag/fieldtype/listid leads to cross site scripting. It...

6.1CVSS4.7AI score0.00289EPSS

Exploits0References6

Github Security Blog•added 2022/12/12 3:30 p.m.•24 views

yikes-inc-easy-mailchimp-extender Cross-site Scripting vulnerability

6.1CVSS4AI score0.00289EPSS

Exploits0References6Affected Software1

NVD•added 2022/12/12 2:15 p.m.•7 views

CVE-2021-4244

6.1CVSS0.00289EPSS

Exploits0References4

CVE•added 2022/12/12 12:0 a.m.•80 views

CVE-2021-4244

CVE-2021-4244 affects the yikes-inc-easy-mailchimp-extender WordPress plugin up to version 6.8.5. The vulnerability resides in admin/partials/ajax/add_field_to_form.php where manipulation of the arguments field_name, merge_tag, field_type, or list_id enables cross-site scripting. It can be exploi...

6.1CVSS4.7AI score0.00289EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2022/12/12 12:0 a.m.•5 views

PT-2022-11596 · WordPress · Yikes-Inc-Easy-Mailchimp-Extender

Name of the Vulnerable Software and Affected Versions: yikes-inc-easy-mailchimp-extender Plugin versions up to 6.8.5 Description: A vulnerability has been found in the yikes-inc-easy-mailchimp-extender Plugin, affecting an unknown part of the file admin/partials/ajax/add field to form.php. The...

6.1CVSS5.8AI score0.00289EPSS

Exploits0References9

Vulnrichment•added 2022/12/12 12:0 a.m.•11 views

CVE-2021-4244 yikes-inc-easy-mailchimp-extender Plugin add_field_to_form.php cross site scripting

2.6CVSS6.2AI score0.00289EPSS

Exploits0References4

OSV•added 2022/07/21 5:15 p.m.•2 views

CVE-2022-28666

Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin = 1.7.7 at WordPress leading to &yikes-the-content-toggle option update...

5.3CVSS5.8AI score0.08827EPSS

Exploits1References1

NVD•added 2022/07/21 5:15 p.m.•14 views

CVE-2022-28666

Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin = 1.7.7 at WordPress leading to &yikes-the-content-toggle option update...

5.3CVSS0.08827EPSS

Exploits1References1

Prion•added 2022/07/21 5:15 p.m.•15 views

Improper access control

Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin = 1.7.7 at WordPress leading to &yikes-the-content-toggle option update...

5CVSS5.3AI score0.08827EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2022/07/21 4:59 p.m.•6 views

CVE-2022-28666 WordPress Custom Product Tabs for WooCommerce plugin <= 1.7.7 - Broken Access Control vulnerability

Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin = 1.7.7 at WordPress leading to &yikes-the-content-toggle option update...

5.3CVSS5.2AI score0.08827EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by