Mailchimp for WooCommerce

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-2556	WordPress Mailchimp for WooCommerce		0.00	—	0.01		Aug 29, 2022	The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJAX action that allows high privilege users to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it can be used to scan…
CVE-2022-2267	WordPress Mailchimp for WooCommerce		0.00	—	0.01		Aug 29, 2022	The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJAX action that allows any logged in users (such as subscriber) to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it can…

CVE-2022-2556Aug 29, 2022
WordPress
Mailchimp for WooCommerce
risk 0.00cvss —epss 0.01
The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJAX action that allows high privilege users to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it can be used to scan…
CVE-2022-2267Aug 29, 2022
WordPress
Mailchimp for WooCommerce
risk 0.00cvss —epss 0.01
The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJAX action that allows any logged in users (such as subscriber) to perform a POST request on behalf of the server to the internal network/LAN, the body of the request is also appended to the response so it can…