Vulnerabilities and security researches fornmedia-mailchimp-widget nmedia-mailchimp-widget

Apr 02, 2025

CVE, Research URL: CVE-2025-30613
Home page URL: Security reports for N-Media MailChimp Subscription
Application: N-Media MailChimp Subscription
Date: Apr 01, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N-Media Nmedia MailChimp allows Stored XSS. This issue affects Nmedia MailChimp: from n/a through 5.4.
Affected versions: max 5.4.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: c714ab7345f437f355667a194a6d31c3529264f8
Home page URL: Security reports for N-Media MailChimp Subscription
Application: N-Media MailChimp Subscription
Date: Aug 01, 2014
Research Description: N-Media MailChimp Subscription [nmedia-mailchimp-widget] < 3.2 WordPress Nmedia MailChimp Plugin <= 3.1 - XSS This plugin is prone to a cross site scripting vulnerability in api_mailchimp/postToMailChimp.php abs_path parameter. Update the plugin.
Affected versions: max 3.2.
Status: vulnerable