Full Disclosure

Reflected XSS in MailChimp for WordPress could allow an attacker to do almost anything an admin user can (WordPress plugin)

Leave a comment

Posted by dxw Security on Dec 14

Details
================
Software: MailChimp for WordPress
Version: 3.1.5,4.0.10
Homepage: http://wordpress.org/plugins/mailchimp-for-wp/
Advisory report:
https://security.dxw.com/advisories/reflected-xss-in-mailchimp-for-wordpress-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)

Description
================
Reflected XSS in MailChimp for WordPress could…

Leave a Reply