cleantalk
Vulnerabilities and Security Researches

MC4WP: Mailchimp for WordPress, CVE-2021-36833

CVE, Research URL

CVE-2021-36833

Home page URL

Security reports for MC4WP: Mailchimp for WordPress

Application

MC4WP: Mailchimp for WordPress

Published on
May 21, 2022
Research Description
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode's MC4WP plugin <= 4.8.6 at WordPress.
Affected versions
max 4.1.7.
Status
vulnerable
Previous vulnerability researches
MC4WP: Mailchimp for WordPress (CVE-2026-1781) , Apr 14, 2026
MC4WP: Mailchimp for WordPress (CVE-2023-51682) , Jun 10, 2024
MC4WP: Mailchimp for WordPress (CVE-2021-36833) , Jun 06, 2024
MC4WP: Mailchimp for WordPress (CVE-2024-8850) , Sep 19, 2024
MC4WP: Mailchimp for WordPress (CVE-2016-10871) , Jun 06, 2024
New vulnerability
Enable Media Replace (CVE-2026-2732) , Apr 14, 2026
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-1937) , Apr 14, 2026
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-1938) , Apr 14, 2026
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-1831) , Apr 14, 2026
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-1943) , Apr 14, 2026