6.1

CVE-2023-32517

WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.3 is vulnerable to Open Redirection

MailChimp Subscribe Forms <= 4.0.9.3 - Open Redirect

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3.
Mögliche Gegenmaßnahme
MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: Update to version 4.0.9.4, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbericodeMailchimp SwPlatformwordpress Version < 4.0.9.4
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder
Version *-4.0.9.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.268
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.1 2.8 2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
audit@patchstack.com 4.7 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

https://patchstack.com/database/vulnerability/mailchimp-subscribe-sm/wordpress-mailchimp-subscribe-forms-plugin-4-0-9-1-open-redirection-vulnerability?_s_id=cve
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/aba1ca3a-a937-400b-b175-2ca4e67a107d
Third Party Advisory