[Plugin: MailChimp List Subscribe Form] widget failed security test

  • Hello,

    I have a WP site that uses Security Metrics to run vulnerability tests periodically to be PCI compliant.

    When they ran that last test, they found that the MailChimp widget was vulnerable to XSS JavaScript attacks. They also made me aware of where the code needed sanitization:

    <div id="mailchimp-widget" class="widget mailchimpSF_display_widget">	<a name="mc_signup_form"></a>
    	<h3>Sign up for Astro News</h3>    <div id="mc_signup_container">
    	<form method="post" action="/?\"><script>alert(123)</script>#mc_signup_form" id="mc_signup_form">

    Can I get some help on this? Thank you.

    -Samantha
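
The scanner output quoted above shows the request URI copied unescaped into the form's action attribute. The following is an added example, not part of the original post and not the plugin's own code, that puts that pattern beside an attribute-encoded version; the function names are hypothetical, and htmlspecialchars() stands in for WordPress's esc_url() so the file runs without WordPress.

```php
<?php
// Added illustration. render_form_unsafe(), render_form_safe() and
// reflects_markup() are hypothetical names, not functions from the plugin.

// Pattern matching the scanner output: the request URI is written into the
// attribute as-is, so a double quote in the URI closes the attribute and
// whatever follows is parsed by the browser as markup.
function render_form_unsafe(string $request_uri): string
{
    return '<form method="post" action="' . $request_uri
         . '#mc_signup_form" id="mc_signup_form">';
}

// Hardened pattern: encode for the HTML attribute context at output time.
// Inside WordPress, esc_url() is the usual choice for a URL attribute.
function render_form_safe(string $request_uri): string
{
    $action = htmlspecialchars($request_uri, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $action
         . '#mc_signup_form" id="mc_signup_form">';
}

// Regression check: does the rendered tag still contain the probe's raw
// angle brackets or an unencoded quote that ends the attribute early?
function reflects_markup(string $html, string $probe): bool
{
    return strpos($html, $probe) !== false;
}

// Request URI taken from the scanner output quoted in the post.
$uri = '/?\"><script>alert(123)</script>';

foreach (['unsafe' => render_form_unsafe($uri), 'safe' => render_form_safe($uri)] as $name => $html) {
    echo $name, ': ', $html, PHP_EOL;
    echo '  probe reflected verbatim: ', var_export(reflects_markup($html, $uri), true), PHP_EOL;
}
```

Rerunning the same probe against the rendered page after a fix is the check the PCI scan performs, so it doubles as a regression test.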

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: MailChimp List Subscribe Form] widget failed security test’ is closed to new replies.