MailChimp Campaigns WordPress Plugin Missing Authorization Vulnerability Allowing App Disconnection
Vulnerability
A missing authorization vulnerability has been identified in the MailChimp Campaigns plugin for WordPress, affecting all versions up to and including 3.2.4. The vulnerability arises from inadequate capability checks in the 'mailchimp_campaigns_manager_disconnect_app' function, which is linked to an AJAX action of the same name. This flaw enables authenticated attackers with Subscriber-level access or higher to disconnect the site from its MailChimp synchronization app, thereby disrupting automated email campaigns and marketing integrations.
Impact
Exploitation of this vulnerability allows for unauthorized disconnection from the MailChimp synchronization app, disrupting automated email campaigns and marketing integrations.
Reproduction
To reproduce this vulnerability, an authenticated user with Subscriber-level access or higher can send a request to the 'mailchimp_campaigns_manager_disconnect_app' AJAX action. This request will be processed by the vulnerable function, which lacks the necessary authorization checks, allowing the user to disconnect the site from the MailChimp app.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.