XSS Vulnerability in Mailchimp for WP Plugin (Version 4.1.8 and earlier) via add_query_arg Return Value

XSS Vulnerability in Mailchimp for WP Plugin (Version 4.1.8 and earlier) via add_query_arg Return Value

CVE-2017-18577 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg.

Learn more about our Wordpress Pen Testing.