Mailchimp for WooCommerce, 3f5dfa2ebe9baa0e66335bd7bc38b9469abe4dfc

CVE, Research URL: 3f5dfa2ebe9baa0e66335bd7bc38b9469abe4dfc
Home page URL: Security reports for Mailchimp for WooCommerce
Application: Mailchimp for WooCommerce
Published on: Nov 22, 2017
Research Description: Mailchimp for WooCommerce [mailchimp-for-woocommerce] < 2.1.2 WordPress MailChimp for WooCommerce plugin <= 2.1.1 - Local File Inclusion WordPress MailChimp for WooCommerce plugin is prone to a Local File Inclusion vulnerability in 2.1.2 version. The vulnerability was in /admin/partials/tabs/notices.php file in if ( isset ( $_GET['error_notice'] ) ... IF conditional statement which lead to include(__DIR__.'/errors/'.$_GET['error_notice'].'.php'); local file inclusion.
Affected versions: max 2.1.2.
Status: vulnerable