Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ciphercoin Subscribe
Filtered by product Contact Form 7 Database Addon
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3634 1 Ciphercoin 1 Contact Form 7 Database Addon 2022-11-23 N/A 9.8 CRITICAL
The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV injection
CVE-2021-24144 1 Ciphercoin 1 Contact Form 7 Database Addon 2022-11-14 6.8 MEDIUM 7.8 HIGH
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files.
CVE-2021-36886 1 Ciphercoin 1 Contact Form 7 Database Addon 2022-11-14 6.8 MEDIUM 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.5.9).
CVE-2021-36885 1 Ciphercoin 1 Contact Form 7 Database Addon 2022-11-14 4.3 MEDIUM 6.1 MEDIUM
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1).