Karim Ouerghemmi

Researcher from RIPS
#16852 of 53,633
15.9 Total CVSS
Vulnerabilities · 2
Medium: 1
Critical: 1
PT-2019-8511
6.1
2019-08-22
Mailchimp · Mailchimp-For-Wp · CVE-2017-18577
**Name of the Vulnerable Software and Affected Versions** mailchimp-for-wp plugin versions prior to 4.1.8

**Description** The return value of `add_query_arg` can be exploited, leading to XSS.

**Recommendations** For versions prior to 4.1.8, update to version 4.1.8 or later to resolve the issue.
PT-2018-17515
9.8
2018-01-30
Open Source Matters · Joomla! · CVE-2018-6376
**Name of the Vulnerable Software and Affected Versions** Joomla! versions prior to 3.8.4

**Description** The issue arises from the lack of type casting of a variable in a SQL statement, leading to a SQL injection vulnerability in the Hathor postinstall message.

**Recommendations** For versions prior to 3.8.4, update to version 3.8.4 or later to resolve the issue.