CVE-2023-32517

MEDIUM

PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder <= 4.0.9.3 - Open Redirect

Title source: llm

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/mailchimp-subscribe-sm/wordpress-mailchimp-subscribe-forms-plugin-4-0-9-1-open-redirection-vulnerability?_s_id=cve

Scores

CVSS v3 4.7

EPSS 0.0035

EPSS Percentile 26.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Details

CWE

CWE-601

Status published

Products (2)

ibericode/mailchimp < 4.0.9.4

PluginOps/MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder < 4.0.9.3

Published Dec 29, 2023

Tracked Since Feb 18, 2026