EIP-2026-113878
PRE-CVEWordPress Plugin MailChimp Subscribe Forms 1.1 - Remote Code Execution
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113878. PoCs published by woodspeed.
AI-analyzed exploit summary This exploit demonstrates a Remote Code Execution (RCE) vulnerability in the WordPress MailChimp Subscribe Forms plugin (version 1.1). The vulnerability allows an attacker to inject PHP code into the 'sm_email' parameter, which is executed when an admin views the subscribers list.
Description
WordPress Plugin MailChimp Subscribe Forms 1.1 - Remote Code Execution
Exploits (1)
This exploit demonstrates a Remote Code Execution (RCE) vulnerability in the WordPress MailChimp Subscribe Forms plugin (version 1.1). The vulnerability allows an attacker to inject PHP code into the 'sm_email' parameter, which is executed when an admin views the subscribers list.