cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8870,https://securityvulnerability.io/vulnerability/CVE-2024-8870,Reflected Cross-Site Scripting Vulnerability in Forms for Mailchimp by Optin Cat,"The Forms for Mailchimp plugin by Optin Cat for WordPress is susceptible to Reflected Cross-Site Scripting (XSS) attacks, primarily due to the inadequate escaping of URLs via the add_query_arg function. This vulnerability impacts all versions up to and including 2.5.6 and allows unauthorized users to inject malicious scripts into web pages. By tricking victims into clicking a specially crafted link, attackers can execute arbitrary scripts in the context of the user's session, potentially leading to data theft, account compromise, or other malicious activities.",Wordpress,Forms For Mailchimp By Optin Cat – Grow Your Mailchimp List,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-10-26T03:13:51.846Z,0
CVE-2024-7489,https://securityvulnerability.io/vulnerability/CVE-2024-7489,Stored Cross-Site Scripting Vulnerability in MailChimp List Plugin,"The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",Wordpress,Forms For Mailchimp By Optin Cat – Grow Your Mailchimp List,4.4,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-10-12T05:39:40.549Z,0