Title: Server Side Request (SSRF) vulnerability
Last modified: January 9, 2024

---

# Server Side Request (SSRF) vulnerability

 *  Resolved [dooza](https://wordpress.org/support/users/dooza/)
 * (@dooza)
 * [2 years, 5 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/)
 * My site is alerting me that the current version of this plugin has a security
   issue that has not been patched yet:
 * [https://patchstack.com/database/vulnerability/contact-form-7-mailchimp-extension/wordpress-contact-form-7-extension-for-mailchimp-plugin-0-5-70-server-side-request-forgery-ssrf-vulnerability?_a_id=431](https://patchstack.com/database/vulnerability/contact-form-7-mailchimp-extension/wordpress-contact-form-7-extension-for-mailchimp-plugin-0-5-70-server-side-request-forgery-ssrf-vulnerability?_a_id=431)
 * Is this plugin being updated anytime soon?

Viewing 8 replies - 1 through 8 (of 8 total)

 *  [jumpinsteph](https://wordpress.org/support/users/jumpinsteph/)
 * (@jumpinsteph)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17337829)
 * Hi,
 * Same alert for me.
 * Some news ?
   Thanks
 *  [James](https://wordpress.org/support/users/james-feaver/)
 * (@james-feaver)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17345255)
 * Wordfence reporting it too. Sorry, I’ve swapped to an alternative on my sites.
 *  Thread Starter [dooza](https://wordpress.org/support/users/dooza/)
 * (@dooza)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17345299)
 * [@james-feaver](https://wordpress.org/support/users/james-feaver/) which one 
   did you go for?
 *  [James](https://wordpress.org/support/users/james-feaver/)
 * (@james-feaver)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17345323)
 * [@dooza](https://wordpress.org/support/users/dooza/) – I went for [MC4WP: Mailchimp for WordPress](https://en-gb.wordpress.org/plugins/mailchimp-for-wp/).
   It has 2+ million downloads,  was last updated 7 days ago and has a 5 star rating.
   It also allowed me to get rid of another plugin as it can add the option to go
   onto the mailing list for the WooCommerce checkout.
 *  [mmazziotti](https://wordpress.org/support/users/mmazziotti/)
 * (@mmazziotti)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17351378)
 * I see there is a new version for the plugin (Version 0.5.71) that came out Jan
   14. Does this version fix the reported vulnerability? Can the developers please
   confirm?
 *  Plugin Author [Renzo Johnson](https://wordpress.org/support/users/rnzo/)
 * (@rnzo)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17357745)
 * Hello, the latest update has fix any vulnerability issues.
 *  [trajektorijus](https://wordpress.org/support/users/trajektorijus/)
 * (@trajektorijus)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17371651)
 * How do I download the latest version of the plugin? Plugin page says that the
   plugin is under review and does not allow me to download it…
 *  [Iamhere](https://wordpress.org/support/users/iamhere/)
 * (@iamhere)
 * [2 years ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17764509)
 * Hello is the plugin author OK ? They seem to have dropped off the face of the
   earth. I hope they are alright
 * [@rnzo](https://wordpress.org/support/users/rnzo/) can you reply to let us know?
 * I also have an issue with the Campaign Monitor plugin – but the Author website
   appears to be down for some weeks now…
 * [https://wordpress.org/support/topic/dev-website-help-is-dead-link-is-this-plugin-still-alive/](https://wordpress.org/support/topic/dev-website-help-is-dead-link-is-this-plugin-still-alive/)

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘Server Side Request (SSRF) vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/contact-form-7-mailchimp-extension/assets/icon-256x256.png?
   rev=1072113)
 * [Connect Contact Form 7 and Mailchimp](https://wordpress.org/plugins/contact-form-7-mailchimp-extension/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/contact-form-7-mailchimp-extension/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/contact-form-7-mailchimp-extension/)
 * [Active Topics](https://wordpress.org/support/plugin/contact-form-7-mailchimp-extension/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/contact-form-7-mailchimp-extension/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/contact-form-7-mailchimp-extension/reviews/)

 * 10 replies
 * 7 participants
 * Last reply from: [Iamhere](https://wordpress.org/support/users/iamhere/)
 * Last activity: [2 years ago](https://wordpress.org/support/topic/server-side-request-ssrf-vulnerability/#post-17764509)
 * Status: resolved