Description
WordPress Plugin MailChimp for WooCommerce is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin MailChimp for WooCommerce version 2.1.1 is vulnerable; prior versions may also be affected.
Remediation
Update the plugin to version 2.1.2 or the latest version.