cleantalk
Vulnerabilities and Security Researches

MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder, CVE-2025-22727

CVE, Research URL

CVE-2025-22727

Home page URL

Security reports for MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder

Application

MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder

Published on
Jan 21, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS. This issue affects MailChimp Subscribe Forms : from n/a through 4.1.
Affected versions
max 4.2.
Status
vulnerable
Previous vulnerability researches
Easy Mailchimp Optin Form (5372731eec7f48ffa7bc51b8fba9f6d2a76a2e47) , Jun 07, 2024
N-Media MailChimp Subscription (CVE-2025-30613) , Apr 02, 2025
N-Media MailChimp Subscription (c714ab7345f437f355667a194a6d31c3529264f8) , Jun 06, 2024
MailChimp Block (CVE-2025-10735) , Oct 11, 2025
MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder (CVE-2025-22727) , Jan 19, 2025
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026