CVE-2014-7152

Name of the Vulnerable Software and Affected Versions Easy MailChimp Forms plugin versions 3.0 through 5.0.6

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the update options action to the "wp-admin/admin-ajax.php" API endpoint.

Recommendations For Easy MailChimp Forms plugin versions 3.0 through 5.0.6, update to a version later than 5.0.6 to resolve the issue.