← volver
CVE-2021-24985

Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting

EPSS 1.1%CWE-79
The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
Productos afectados
Unknown · Easy Forms for Mailchimp

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://plugins.trac.wordpress.org/changeset/2646017https://wpscan.com/vulnerability/50be0ebf-fe6d-41e5-8af9-0d74f33aeb57