Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Contact Form Submissions Project Subscribe
Filtered by product Contact Form Submissions
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24125 1 Contact Form Submissions Project 1 Contact Form Submissions 2022-05-27 6.5 MEDIUM 7.2 HIGH
Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)
CVE-2022-0248 1 Contact Form Submissions Project 1 Contact Form Submissions 2022-04-30 4.3 MEDIUM 6.1 MEDIUM
The Contact Form Submissions WordPress plugin before 1.7.3 does not sanitise and escape additional fields in contact form requests before outputting them in the related submission. As a result, unauthenticated attacker could perform Cross-Site Scripting attacks against admins viewing the malicious submission