← voltar
CVE-2021-24985

Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting

EPSS 1.1%CWE-79
The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
Produtos afetados
Unknown · Easy Forms for Mailchimp

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://plugins.trac.wordpress.org/changeset/2646017https://wpscan.com/vulnerability/50be0ebf-fe6d-41e5-8af9-0d74f33aeb57