Product
The Connect Contact Form 7 and Mailchimp plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) due to insufficient input sanitization. This vulnerability, affecting versions up to and including 0.9.78.06, allows unauthenticated attackers to inject arbitrary web scripts into pages. These scripts execute when a privileged user (Administrator) performs a Contact Lookup on an email address submitted via a CF7 form, indicating a deferred execution model. Detection engineers should focus on monitoring for unusual script injections in forms and administrator interactions with plugin data.