Description
WordPress Plugin Easy Forms for Mailchimp is prone to a vulnerability that lets attackers inject and execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin Easy Forms for Mailchimp version 6.5.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.5.3 or latest
References
Related Vulnerabilities
WordPress Plugin NEX-Forms Lite-WordPress Contact Form builder Cross-Site Scripting (2.1.0)
phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-2346)
WordPress Plugin Yoast SEO Cross-Site Scripting (11.5)
WordPress Plugin Leaflet 'id' Parameter Cross-Site Scripting (0.0.1)