CVE-2026-23693
📋 TL;DR
The ElementsKit Lite WordPress plugin versions before 3.7.9 expose an unauthenticated REST endpoint that accepts Mailchimp API credentials. Unauthenticated attackers can abuse this endpoint as an open proxy to Mailchimp, potentially making unauthorized API calls, manipulating subscription data, or exhausting API quotas. All WordPress sites running vulnerable versions of this plugin are affected.
💻 Affected Systems
- ElementsKit Lite WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete Mailchimp account takeover, mass subscription manipulation, API quota exhaustion leading to service disruption, and potential resource consumption attacks on the WordPress server.
Likely Case
Unauthorized Mailchimp API calls resulting in subscription list manipulation, spam campaigns, and API quota exhaustion.
If Mitigated
Limited impact if proper network segmentation and API rate limiting are in place, but the endpoint remains accessible.
🎯 Exploit Status
Exploitation requires only HTTP requests to the exposed endpoint with crafted parameters.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.7.9
Vendor Advisory: https://wpmet.com/plugin/elementskit/
Restart Required: No
Instructions:
1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find ElementsKit Lite
4. Click 'Update Now' if available
5. Alternatively, download version 3.7.9 or later from the WordPress plugin repository and update manually
🔧 Temporary Workarounds
Block REST Endpoint via .htaccess
Block access to the vulnerable endpoint using Apache mod_rewrite rules (.htaccess):
RewriteEngine On
RewriteRule ^wp-json/elementskit/v1/widget/mailchimp/subscribe - [F,L]
Disable Plugin
Temporarily disable the ElementsKit Lite plugin until patched
🧯 If You Can't Patch
- Implement WAF rules to block requests to /wp-json/elementskit/v1/widget/mailchimp/subscribe
- Restrict access to WordPress REST API endpoints using authentication or IP whitelisting
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → ElementsKit Lite version. If the version is below 3.7.9, the system is vulnerable.
Check Version:
wp plugin list --name=elementskit-lite --field=version
Verify Fix Applied:
Confirm the plugin version is 3.7.9 or higher. Test endpoint access with an unauthenticated request to /wp-json/elementskit/v1/widget/mailchimp/subscribe; it should return 403 or 404.
📡 Detection & Monitoring
Log Indicators:
- HTTP 200 responses to POST /wp-json/elementskit/v1/widget/mailchimp/subscribe from unauthenticated users
- Unusual Mailchimp API call patterns originating from WordPress server
Network Indicators:
- POST requests to vulnerable endpoint without authentication headers
- Outbound connections to Mailchimp API from WordPress server with unusual frequency
SIEM Query:
source="wordpress.log" AND (uri_path="/wp-json/elementskit/v1/widget/mailchimp/subscribe" AND http_status=200)
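Added example for the "How to Verify" and "Detection & Monitoring" steps above (not code from the advisory, the plugin or its vendor): a version comparison against the 3.7.9 fix and a scan of Apache combined-format access logs for successful POSTs to the subscribe route. The log lines, client addresses and timestamps are constructed samples.

```python
"""Defender-side checks for CVE-2026-23693 (ElementsKit Lite < 3.7.9).
Added example, not from the advisory or the plugin: a version test for the
'Check Version' step and a scan of access logs for the 'Log Indicators'
(HTTP 2xx on POST to the subscribe route). Log lines are constructed."""
import re

FIXED_VERSION = (3, 7, 9)
VULN_PATH = "/wp-json/elementskit/v1/widget/mailchimp/subscribe"

# Apache combined log format: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse_version(text):
    """'3.7.8' -> (3, 7, 8); missing components count as zero."""
    parts = [int(p) for p in re.findall(r"\d+", text)][:3]
    return tuple(parts + [0] * (3 - len(parts)))

def is_vulnerable(version):
    """True when the installed ElementsKit Lite predates the 3.7.9 fix."""
    return parse_version(version) < FIXED_VERSION

def find_subscribe_hits(lines):
    """Return (ip, timestamp) for each successful POST to the proxy route.
    The query string is stripped before comparing; only 2xx is flagged,
    since a patched or blocked endpoint answers 403/404."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip, do not crash the scan
        path = m.group("path").split("?", 1)[0].rstrip("/")
        if (m.group("method") == "POST" and path == VULN_PATH
                and m.group("status").startswith("2")):
            hits.append((m.group("ip"), m.group("ts")))
    return hits

# Constructed sample traffic (not real logs): two hits, one blocked, one benign.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jan/2026:09:14:02 +0000] "POST /wp-json/elementskit/v1/widget/mailchimp/subscribe HTTP/1.1" 200 57 "-" "curl/8.5.0"',
    '203.0.113.7 - - [10/Jan/2026:09:14:03 +0000] "POST /wp-json/elementskit/v1/widget/mailchimp/subscribe?x=1 HTTP/1.1" 200 57 "-" "curl/8.5.0"',
    '198.51.100.4 - - [10/Jan/2026:09:15:10 +0000] "POST /wp-json/elementskit/v1/widget/mailchimp/subscribe HTTP/1.1" 403 0 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2026:09:16:00 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 1834 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, ts in find_subscribe_hits(SAMPLE_LOG):
        print(f"ALERT {ts} {ip} successful POST to {VULN_PATH}")
```

Feed the output of `wp plugin list --name=elementskit-lite --field=version` to `is_vulnerable`, and point `find_subscribe_hits` at the web server's access log to reproduce the SIEM query offline.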