ThreatPress

WordPress Vulnerabilities Database

Back

WordPress MailChimp for WooCommerce plugin <= 2.1.1 - Local File Inclusion

Product
MailChimp For WooCommerce
Description
WordPress MailChimp for WooCommerce plugin is prone to a Local File Inclusion vulnerability in 2.1.2 version. The vulnerability was in /admin/partials/tabs/notices.php file in if ( isset ( $_GET['error_notice'] ) ... IF conditional statement which lead to include(__DIR__.'/errors/'.$_GET['error_notice'].'.php'); local file inclusion.
Solution
Update the plugin to the latest version.
Classification
Type Local File Inclusion
References
Changelog
Pluginvulnerabilities
CVE
Name CVE-N/A
Versions
Affected In <= 2.1.1
Fixed In 2.1.2
Disclosure date
2017-11-22
Credits
pluginvulnerabilities