MC4WP: Mailchimp for WordPress Vulnerabilities
The MC4WP: Mailchimp for WordPress WordPress plugin has 4 known security vulnerabilities. The most recent was disclosed on March 2, 2022. Check whether your site runs an affected version below.
View MC4WP: Mailchimp for WordPress on WordPress.orgSummary
Latest vulnerability disclosed on March 2, 2022.
Recommendation
WPSentry recommends installing with caution
Use MC4WP: Mailchimp for WordPress only with care. This plugin has a history of high-severity vulnerabilities — always run the latest version and monitor it for newly disclosed issues.
Is your site affected?
Run a free external scan to detect MC4WP: Mailchimp for WordPress and 35+ other WordPress security checks — no login or plugin required.
Known MC4WP: Mailchimp for WordPress vulnerabilities
- medium
MC4WP: Mailchimp for WordPress < 4.8.7 - Cross-Site Scripting
Affected versions: <4.8.7Disclosed March 2, 2022 - high
MC4WP: Mailchimp for WordPress <= 4.8.4 - Cross-Site Request Forgery
Affected versions: <=4.8.4Disclosed June 1, 2021 - medium
MC4WP: Mailchimp for WordPress <= 4.8.4 - Open Redirect
Affected versions: <=4.8.4Disclosed June 1, 2021 - medium
MC4WP: Mailchimp for WordPress <= 4.1.6 - Reflected Cross-Site Scripting
Affected versions: <=4.1.6Disclosed November 9, 2019
How to stay protected
Update promptly
Keep MC4WP: Mailchimp for WordPress on its latest release — most vulnerabilities are fixed in newer versions.
Scan regularly
Run an external scan after every update to catch outdated or vulnerable software early.
Monitor continuously
Enable monitoring to get alerted the moment a new issue affects your stack.