From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.18 - Missing Authorization to Authenticated (Subscriber+) Mailchimp Integration Modification 2. Vulnerability Type: Improper Authorization 3. CVSS Score: 4.2 (Medium) 4. Public Release Date: August 31, 2024 5. Last Updated: September 1, 2024 6. Researcher: Tobias Weiβhaar (kun_19) 7. Vulnerability Description: This vulnerability allows unauthorized updates to the Mailchimp API key due to insufficient validation when verifying users with Subscriber-level access. This enables users with Subscriber-level access to modify the Mailchimp API key used for integration. Additionally, the lack of Mailchimp API key validation allows integration requests to be redirected to servers controlled by the attacker. 8. Reference Link: plugins.trac.wordpress.org 9. Remediation Recommendation: Update to version 5.1.19 or a later patched version. 10. Affected Versions: <= 5.1.18 11. Fixed Version: 5.1.19 12. Copyright Information: This record contains copyrighted material. 13. License Information: - Defiant Inc. grants a perpetual, global, non-exclusive, royalty-free, irrevocable copyright license to copy, prepare derivative works, publicly display, publicly perform, distribute, license, and sublicense this software vulnerability information. - MITRE Corporation grants a perpetual, global, non-exclusive, royalty-free, irrevocable copyright license to copy, prepare derivative works, publicly display, publicly perform, distribute, license, and sublicense Common Vulnerabilities and Exposures (CVE®). 14. Contact Information: For any information to add or if errors are found, please contact wfi-support@wordfence.com. This information helps users understand the details of the vulnerability, its scope of impact, and how to remediate or avoid it.