CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32517 – WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.3 is vulnerable to Open Redirection
https://notcve.org/view.php?id=CVE-2023-32517
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3. Vulnerabilidad de redirección de URL a un sitio que no es de confianza ('Open Redirect') en PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder. Este problema afecta a MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: desde n/a hasta 4.0. 9.3. The MailChimp Subscribe Forms plugin for WordPress is vulnerable to Open Redirect in versions up to, and including, 4.0.9.3. This is due to the application failing to properly verify a user-supplied input parameter. • https://patchstack.com/database/vulnerability/mailchimp-subscribe-sm/wordpress-mailchimp-subscribe-forms-plugin-4-0-9-1-open-redirection-vulnerability?_s_id=cve • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18577 – Mailchimp For WP <= 4.1.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18577
The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg. El complemento mailchimp-for-wp versiones anterior a 4.1.8 para WordPress tiene XSS a través del valor de retorno de add_query_arg. • https://wordpress.org/plugins/mailchimp-for-wp/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10871 – MailChimp for WordPress <= 4.0.10 - Authenticated Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-10871
The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page. El complemento mailchimp-for-wp anterior a 4.0.11 para WordPress tiene XSS en la página de configuración de integración. • https://wordpress.org/plugins/mailchimp-for-wp/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •