CVE-2024-22134

Name of the Vulnerable Software and Affected Versions Contact Form 7 Extension For Mailchimp versions 0.5.70 and earlier

Description A Server-Side Request Forgery (SSRF) issue affects the Renzo Johnson Contact Form 7 Extension For Mailchimp. This allows an attacker to forge requests to internal or external services, potentially leading to unauthorized access or data exposure. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For versions 0.5.70 and earlier, update to a version later than 0.5.70 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable extension until a patch is available.