Medium severity6.1NVD Advisory· Published Jan 24, 2022· Updated Jun 17, 2026
CVE-2021-24985
CVE-2021-24985
Description
The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Easy Forms for Mailchimpdescription
- Range: <6.8.6
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2646017nvdPatchThird Party Advisory
- wpscan.com/vulnerability/50be0ebf-fe6d-41e5-8af9-0d74f33aeb57nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.