WordPress Plugin Vulnerabilities

Contact Form 7 Extension For Mailchimp < 0.9.69 - Authenticated (Contributor+) Information Exposure

Description

The Connect Contact Form 7 and Mailchimp plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.54. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive user or configuration data.

Affects Plugins

References

Classification

Type
SENSITIVE DATA DISCLOSURE
CWE

Miscellaneous

Original Researcher
Bao - BlueRock
Verified
No

Timeline

Publicly Published
2025-12-21 (about 6 months ago)
Added
2026-01-06 (about 5 months ago)
Last Updated
2026-01-13 (about 5 months ago)

Other