CVE-2014-7152

Currently unrated

Key Information:

Vendor: Wordpress
Status: Easy Mailchimp Forms Plugin
Vendor: CVE Published:; 26 September 2014

Summary

Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options action to wp-admin/admin-ajax.php.

References

http://research.g0blin.co.uk/cve-2014-7152/

x_refsource_MISC

https://wordpress.org/plugins/yikes-inc-easy-mailchimp-ex...

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 26, 2014
Vulnerability Reserved
Sep 22, 2014