CVE-2026-23693
Unauthenticated Open Proxy Vulnerability in ElementsKit Lite REST Endpoint
Publication date: 2026-02-23
Last updated on: 2026-02-24
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| elementskit | elementskit_lite | up to 3.7.9 (exclusive) |
| roxnor | elementskit_lite | up to 3.7.9 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-23693 is a critical vulnerability in the ElementsKit Lite WordPress plugin in versions prior to 3.7.9. It involves an unauthenticated REST endpoint at /wp-json/elementskit/v1/widget/mailchimp/subscribe that accepts client-supplied Mailchimp API credentials without proper authentication.

The endpoint insufficiently validates certain parameters, especially the 'list' parameter, when making requests to the Mailchimp API. This allows an unauthenticated attacker to abuse the endpoint as an open proxy to Mailchimp.

Through this, the attacker can trigger unauthorized API calls, manipulate subscription data, exhaust API quotas, or cause resource consumption on the affected WordPress site. [3]
How can this vulnerability impact me?
This vulnerability can have several serious impacts on your WordPress site and associated Mailchimp account.
- Unauthorized API calls can be made through your site, potentially leading to misuse of your Mailchimp account.
- Subscription data can be manipulated by attackers, which may affect your mailing lists and communications.
- API quotas can be exhausted, potentially disrupting legitimate Mailchimp operations.
- Resource consumption on your WordPress site can increase, possibly degrading site performance or causing downtime.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether the WordPress site is running an ElementsKit Lite plugin version prior to 3.7.9 and whether the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe is accessible without authentication.

You can use commands to test the accessibility of the vulnerable endpoint, for example using curl:

- `curl -I https://your-wordpress-site.com/wp-json/elementskit/v1/widget/mailchimp/subscribe`
- `curl -X POST https://your-wordpress-site.com/wp-json/elementskit/v1/widget/mailchimp/subscribe -d '{"list":"test"}' -H 'Content-Type: application/json'`

If the endpoint responds without requiring authentication and accepts parameters, it indicates the presence of the vulnerability. [3]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the ElementsKit Lite WordPress plugin to version 3.7.9 or later, where this issue is fixed.
Additionally, restricting access to the vulnerable REST endpoint by implementing authentication or firewall rules can help prevent exploitation until the update is applied.
Monitoring API usage and logs for unusual activity related to the Mailchimp subscription endpoint is also recommended.
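One way to apply the interim restriction described above, as an added example that is not part of this advisory or of the ElementsKit project: a WordPress must-use plugin that hooks the core `rest_pre_dispatch` filter and refuses unauthenticated calls to the affected route until the update to 3.7.9 is applied. The `edit_posts` capability check, the `ek_guard` names and the log message format are assumptions.

```php
<?php
/**
 * Plugin Name: Temporary guard for the ElementsKit Mailchimp subscribe route
 * Description: Added example (not ElementsKit code). Place in wp-content/mu-plugins/ until ElementsKit Lite >= 3.7.9 is installed.
 */

// Route from the advisory, without the /wp-json prefix that WordPress strips before dispatch.
const EK_GUARD_ROUTE = '/elementskit/v1/widget/mailchimp/subscribe';

add_filter( 'rest_pre_dispatch', 'ek_guard_mailchimp_subscribe', 10, 3 );

/**
 * Short-circuit REST dispatch for the vulnerable route unless the caller is an
 * authenticated user holding the (assumed) capability below.
 *
 * @param mixed           $result  Result set by an earlier filter, or null.
 * @param WP_REST_Server  $server  REST server instance.
 * @param WP_REST_Request $request Current request.
 * @return mixed WP_Error to block the call, otherwise the untouched $result.
 */
function ek_guard_mailchimp_subscribe( $result, $server, $request ) {
    if ( null !== $result ) {
        return $result; // another filter already decided this request
    }
    // Compare the normalised route so a trailing slash cannot bypass the check.
    if ( untrailingslashit( $request->get_route() ) !== EK_GUARD_ROUTE ) {
        return $result;
    }
    // 'edit_posts' is an assumed choice; tighten it to suit the site.
    if ( is_user_logged_in() && current_user_can( 'edit_posts' ) ) {
        return $result;
    }
    // Record the blocked attempt so monitoring can see probing of this route.
    error_log( sprintf(
        'ek-guard: blocked unauthenticated %s %s from %s',
        $request->get_method(),
        $request->get_route(),
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
    ) );
    return new WP_Error(
        'rest_forbidden',
        'Authentication required for this endpoint.',
        array( 'status' => 401 )
    );
}
```

Remove the file once the plugin is updated, since the guard also blocks the legitimate front-end subscribe form for anonymous visitors.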