WordPress Plugin Vulnerabilities
Contact Form 7 Extension For Mailchimp < 0.9.69 - Authenticated (Contributor+) Information Exposure
Description
The Connect Contact Form 7 and Mailchimp plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.54. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive user or configuration data.
Affects Plugins
References
Classification
Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Bao - BlueRock
Verified
No
WPVDB ID
Timeline
Publicly Published
2025-12-21 (about 6 months ago)
Added
2026-01-06 (about 5 months ago)
Last Updated
2026-01-13 (about 5 months ago)