Description
WordPress Plugin MailChimp for WooCommerce is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin MailChimp for WooCommerce version 2.1.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.2 or latest
References
Related Vulnerabilities
Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)
WordPress Plugin WP Google Maps Cross-Site Scripting (8.1.11)
MediaWiki Improper Access Control Vulnerability (CVE-2012-4379)
Oracle Application Server CVE-2006-3706 Vulnerability (CVE-2006-3706)
WordPress Plugin Theme Tweaker Cross-Site Request Forgery (5.20)