Log out
Get PRO

Latest

Input validation vulnerability in MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder 4.0.9.1

  • Severity: medium-risk
  • Status: Open
  • Publication: May 22, 2023

The MailChimp Subscribe Forms plugin for WordPress has a security issue that affects multi-site installations and installations where the security settings called “unfiltered_html” have been disabled. This issue causes a vulnerability to Stored Cross-Site Scripting, which means that if an attacker has administrator-level access, they can inject web scripts into pages that will cause harm when someone views the page. This vulnerability affects all versions of the MailChimp Subscribe Forms plugin up to 4.0.9.1.

Detected in:

MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder open vulnerable versions: >= * <= 4.0.9.1

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.