Description
The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Published: 2025-10-01
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery allowing unauthenticated requests to arbitrary internal URLs
Action: Patch Now
AI Analysis

Impact

The vulnerability is in the mcbSubmit_Form_Data() routine of the Block for Mailchimp plugin for WordPress. It allows unauthenticated attackers to cause the application to send HTTP requests to any URL specified in the request, including internal service endpoints. Because the responses are not returned to the attacker, this is a blind SSRF. The potential impact is that the attacker can query or change information on internal services that the WordPress site can reach.

Affected Systems

All WordPress sites that run the Block for Mailchimp – Add Email Subscription Forms and Collect Leads plugin version 1.1.12 or earlier are affected.

Risk and Exploitability

The CVSS score of 4 indicates a medium baseline risk. The EPSS score of less than 1% indicates exploitation is uncommon. The vulnerability is not listed in CISA’s KEV catalog. Attackers only need to submit a crafted form to trigger the SSRF, which can be done from any remote location. The impact is limited to server‑side requests; because no data is returned, no direct exfiltration is possible, but the ability to reach internal services could be leveraged within environments where the network is poorly segmented.

Generated by OpenCVE AI on April 22, 2026 at 14:15 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Block for Mailchimp plugin to the latest version available from the official WordPress plugin repository or from the vendor.
  • If an update is not available, uninstall or disable the plugin to eliminate the SSRF vulnerability.
  • Restrict inbound traffic to the plugin’s form endpoints using a firewall or web application firewall, blocking requests that attempt to reach internal network ranges.
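The destination check that the last recommendation calls for is best enforced in the handler itself, before any outbound request is made. The following is an added example, not code from the Block for Mailchimp plugin (which this page does not show), written in Python rather than the plugin's PHP so that it runs stand-alone: it validates a URL taken from untrusted form input and refuses any host that resolves to loopback, private, link-local, CGNAT or otherwise non-routable space. The resolver parameter exists so the check can be exercised with constructed hostnames offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Refused on top of the ipaddress module's own private/loopback/link-local/reserved
# checks; 100.64.0.0/10 (CGNAT) is listed because is_private misses it on older Pythons.
EXTRA_BLOCKED = [ipaddress.ip_network("100.64.0.0/10")]

def is_internal(ip_text):
    """True if the address is one a form handler must never fetch from."""
    addr = ipaddress.ip_address(ip_text)
    mapped = getattr(addr, "ipv4_mapped", None)  # ::ffff:10.0.0.1 hides an IPv4 target
    if mapped is not None:
        addr = mapped
    if any(addr in net for net in EXTRA_BLOCKED):
        return True
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified)

def default_resolver(host):
    """Every A/AAAA answer, so a round-robin record cannot hide one internal IP."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def check_outbound_url(url, resolver=default_resolver):
    """Return (allowed, reason) for a URL taken from untrusted form input.
    Rejects non-http(s) schemes, embedded credentials and any host that resolves
    to an internal address. Connect to the vetted address afterwards instead of
    resolving the name again, or a DNS rebinding answer bypasses the check."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed: %r" % parts.scheme
    if parts.username is not None or parts.password is not None:
        return False, "credentials embedded in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        ipaddress.ip_address(host)  # literal address: no lookup needed
        addrs = [host]
    except ValueError:
        try:
            addrs = resolver(host)  # hostname: check every answer
        except (OSError, UnicodeError) as exc:
            return False, "resolution failed: %s" % exc
    for ip in addrs:
        if is_internal(ip):
            return False, "%s resolves to internal address %s" % (host, ip)
    return True, "ok"
```

A web application firewall rule can only see the literal string in the form field, so a hostname that resolves to an internal address passes it; the resolve-then-check step above is what closes that gap.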


Advisories

  • EUVD EUVD-2025-31819: The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

History

Thu, 02 Oct 2025 09:00:00 +0000

  • First Time appeared, values added: Wordpress; Wordpress wordpress
  • Vendors & Products, values added: Wordpress; Wordpress wordpress

Wed, 01 Oct 2025 16:15:00 +0000

  • Metrics (ssvc), values added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 01 Oct 2025 03:30:00 +0000

  • Description, values added: The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
  • Title, values added: Block For Mailchimp – Easy Mailchimp Form Integration <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery
  • Weaknesses, values added: CWE-918
  • References
  • Metrics (cvssV3_1), values added: {'score': 4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N'}

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:52:39.004Z

Reserved: 2025-09-19T15:00:10.416Z

Link: CVE-2025-10735

Vulnrichment

Updated: 2025-10-01T15:00:38.570Z

NVD

Status: Deferred

Published: 2025-10-01T04:15:59.680

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-10735

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T14:15:20Z

Weaknesses