Commit 55a2212

Fix - Provide CSRF hardening for Mailchimp List changes.
1 parent f76aa28 commit 55a2212

File tree

3 files changed

+15
-6
lines changed

includes/admin/templates/settings.php

Lines changed: 1 addition & 0 deletions
@@ -103,6 +103,7 @@ function ( $ele ) {
103103
</td>
104104
<td>
105105
<input type="hidden" name="mcsf_action" value="update_mc_list_id" />
106+
<?php wp_nonce_field( 'update_mc_list_id_action', 'update_mc_list_id_nonce' ); ?>
106107
<input type="submit" name="Submit" value="<?php esc_attr_e( 'Update List', 'mailchimp' ); ?>" class="button mailchimp-sf-button small" />
107108
</td>
108109
</tr>
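Review bot: The action string 'update_mc_list_id_action' and field name 'update_mc_list_id_nonce' passed to wp_nonce_field() here must match, character for character, the pair used on the verifying side, otherwise every submission of this form will be rejected; the field is placed next to the hidden mcsf_action input inside the same form, so both are posted together, and wp_nonce_field() echoes an already-escaped hidden input by default, so no extra escaping is needed in the template. One caveat for the settings page: WordPress nonces are bound to the logged-in user and expire after a tick window (up to 24 hours), so a tab left open overnight will fail verification on submit; that is expected behaviour for a nonce, just worth knowing when triaging user reports.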

mailchimp.php

Lines changed: 10 additions & 5 deletions
@@ -4,7 +4,7 @@
44
* Plugin URI: https://mailchimp.com/help/connect-or-disconnect-list-subscribe-for-wordpress/
55
* Description: Add a Mailchimp signup form block, widget or shortcode to your WordPress site.
66
* Text Domain: mailchimp
7-
* Version: 1.9.0
7+
* Version: 1.9.1
88
* Requires at least: 6.4
99
* Requires PHP: 7.0
1010
* PHP tested up to: 8.3
@@ -67,7 +67,7 @@ function () {
6767
use function Mailchimp\WordPress\Includes\Admin\{admin_notice_error, admin_notice_success};
6868

6969
// Version constant for easy CSS refreshes
70-
define( 'MCSF_VER', '1.9.0' );
70+
define( 'MCSF_VER', '1.9.1' );
7171

7272
// What's our permission (capability) threshold
7373
define( 'MCSF_CAP_THRESHOLD', 'manage_options' );
@@ -530,15 +530,20 @@ function mailchimp_sf_change_list_if_necessary() {
530530
return;
531531
}
532532

533+
if (
534+
! current_user_can( MCSF_CAP_THRESHOLD ) ||
535+
! isset( $_POST['update_mc_list_id_nonce'] ) ||
536+
! wp_verify_nonce( sanitize_key( $_POST['update_mc_list_id_nonce'] ), 'update_mc_list_id_action' )
537+
) {
538+
wp_die( 'Security check failed.' );
539+
}
540+
533541
if ( empty( $_POST['mc_list_id'] ) ) {
534542
$msg = esc_html__( 'Please choose a valid list', 'mailchimp' );
535543
admin_notice_error( $msg );
536544
return;
537545
}
538546

539-
// Simple permission check before going through all this
540-
if ( ! current_user_can( MCSF_CAP_THRESHOLD ) ) { return; }
541-
542547
$api = mailchimp_sf_get_api();
543548
if ( ! $api ) { return; }
544549

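Review bot: The wp_die() message 'Security check failed.' is a bare string while the notice a few lines below in the same function is wrapped as esc_html__( 'Please choose a valid list', 'mailchimp' ); use wp_die( esc_html__( 'Security check failed.', 'mailchimp' ) ) so the new message is translatable like the rest of the plugin. The logic itself is sound: the capability check now runs before any $_POST value is read, instead of after the empty-list notice as in the removed block, and the missing-nonce case is handled explicitly with isset() before wp_verify_nonce(), so a cross-site or unauthenticated POST stops at this point. Note the behavioural change: the removed check returned silently for users below MCSF_CAP_THRESHOLD, whereas the new block terminates the request with wp_die(). check_admin_referer( 'update_mc_list_id_action', 'update_mc_list_id_nonce' ) would fold the isset/verify/die steps into one core call, but it reads the nonce from $_REQUEST rather than $_POST, so the explicit form written here is the stricter choice and is fine to keep.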
readme.txt

Lines changed: 4 additions & 1 deletion
@@ -2,7 +2,7 @@
22
Contributors: Mailchimp
33
Tags: mailchimp, email, newsletter, signup, marketing
44
Tested up to: 6.8
5-
Stable tag: 1.9.0
5+
Stable tag: 1.9.1
66
License: GPL-2.0-or-later
77
License URI: https://spdx.org/licenses/GPL-2.0-or-later.html
88

@@ -80,6 +80,9 @@ If you are upgrading to version 1.2.1 and you used the widget in your sidebar pr
8080

8181
== Changelog ==
8282

83+
= 1.9.1 - 2026-01-08 =
84+
* **Fix:** Provide CSRF hardening for Mailchimp List changes.
85+
8386
= 1.9.0 - 2025-06-04 =
8487
* **Added:** New user synchronization feature that allows syncing WordPress users to Mailchimp (props [@iamdharmesh](https://github.com/iamdharmesh), [@jeffpaul](https://github.com/jeffpaul), [@dkotter](https://github.com/dkotter), [@qasumitbagthariya](https://github.com/qasumitbagthariya) via [#156](https://github.com/mailchimp/wordpress/pull/156)).
8588
* **Changed:** Improved the enqueueing of JavaScript scripts and styles (props [@iamdharmesh](https://github.com/iamdharmesh), [@dkotter](https://github.com/dkotter), [@qasumitbagthariya](https://github.com/qasumitbagthariya) via [#161](https://github.com/mailchimp/wordpress/pull/161)).
