Description
WordPress Plugin Easy Forms for Mailchimp is prone to a vulnerability that lets attackers inject and execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin Easy Forms for Mailchimp version 6.5.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.5.3 or latest
References
Related Vulnerabilities
WordPress Plugin Dropshix Security Bypass (4.0.13)
WordPress Plugin Simply Instagram Cross-Site Scripting (1.2.6)
WordPress Plugin Smart Google Code Inserter Multiple Vulnerabilities (3.4)
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7305)
Oracle Database Server CVE-2011-0792 Vulnerability (CVE-2011-0792)