PT-2025-40059 · WordPress · Block For Mailchimp – Easy Mailchimp Form Integration

D01Exploit Official

·

Publicado

2025-10-01

·

Atualizado

2025-10-01

·

CVE-2025-10735

CVSS v3.1

4.0

Média

VetorAV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress versions up to and including 1.1.12
Description The software is susceptible to a Blind Server-Side Request Forgery issue. This allows unauthenticated attackers to make web requests to arbitrary locations originating from the web application. Attackers could potentially query and modify information from internal services using the mcbSubmit Form Data() function.
Recommendations Update The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress to a version later than 1.1.12.

Correção

SSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-918

Identificadores relacionados

CVE-2025-10735

Produtos afetados

Block For Mailchimp – Easy Mailchimp Form Integration