Fixed

WordPress Mailchimp for WooCommerce plugin <= 2.7 - Authenticated Server-Side Request Forgery (SSRF) vulnerability

CVSS 3.1 score: 5 (Medium severity)
Type: Plugin
Vulnerable versions: <= 2.7
Fixed in: 2.7.1
PSID: def9939ea036
Classification: Server Side Request Forgery (SSRF)
OWASP Top 10: A1: Injection
Required privilege: Requires subscriber or higher role user authentication.
Publicly disclosed: 2022-08-03

Details

An authenticated Server-Side Request Forgery (SSRF) vulnerability was discovered by Miguel Xavier Penha Neto in the WordPress Mailchimp for WooCommerce plugin (versions <= 2.7).

Solution

Update the WordPress MailChimp For WooCommerce plugin to the latest available version (at least 2.7.1).
