MC4WP: Mailchimp for WordPress 4.9.9 – 4.9.16 – Reflected Cross-Site Scripting

[ad_1]

cPanel has sent me a warning that site vulnerabilities are found.

MC4WP: Mailchimp for WordPress 4.9.9 – 4.9.16 – Reflected Cross-Site Scripting

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ’email’ parameter when a placeholder such as {email} is used for the field in versions 4.9.9 to 4.9.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

Source: Wordfence

I am using v4.4.17 but another site suggests updating to 4.10. Is 4.10 available or did 4.4.17 fix the issue?

The page I need help with: [log in to see the link]

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer