4 matches found
CVE-2023-51682
CVE-2023-51682 : Missing Authorization vulnerability in MC4WP (Mailchimp for WordPress) affecting MC4WP
CVE-2024-8680
CVE-2024-8680 affects the MC4WP: Mailchimp for WordPress plugin for WordPress, vulnerable in all versions up to and including 4.9.16. The issue is a stored Cross-Site Scripting (XSS) flaw caused by insufficient input sanitization and output escaping in admin settings, exploitable by authenticated...
CVE-2023-32517
CVE-2023-32517 is an Open Redirect vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, and Form Builder for WordPress. Affected versions are up to and including 4.0.9.3 (vendor/product: MailChimp Subscribe Forms plugins). The root cause is an untrusted URL redirecti...
CVE-2024-8850
MC4WP: Mailchimp for WordPress (WordPress plugin) is affected by CVE-2024-8850 for versions 4.9.9–4.9.16, due to insufficient input sanitization and output escaping in the email parameter (with placeholders like {email}), enabling reflected XSS when a user clicks a crafted link. Unauthenticated a...