Description
WordPress Plugin MailChimp for WooCommerce is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin MailChimp for WooCommerce version 2.1.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.2 or latest
References
Related Vulnerabilities
WordPress Plugin WP Super Cache Cross-Site Scripting (1.3)
WordPress Plugin Zedna Contact form Directory Traversal (1.1)
WordPress Plugin Directories Pro Cross-Site Scripting (1.3.45)
WordPress Plugin Subscribe to Comments Local File Inclusion (2.1.2)
WordPress Plugin SLIDER PHOTO GALLERY Multiple Vulnerabilities (1.0)