CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Ibericode 1Mailchimp For Wordpress Jan 20, 2026 May 20, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode's MC4WP plugin <= 4.8.6 at WordPress. |
1Ibericode 1Mailchimp For Wordpress Jan 27, 2026 Aug 22, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg. |
1Ibericode 1Mailchimp For Wordpress Jan 27, 2026 Aug 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page. |