Contact Form 7 Vulnerability – Reflected Cross-Site Scripting – CVE-2024-2242 | WordPress Plugin Vulnerability Report

Plugin Name: Contact Form 7 Key Information: Software Type: Plugin Software Slug: contact-form-7 Software Status: Active Software Author: takayukister Software Downloads: 318,916,329 Active Installs: 5,000,000 Last Updated: March 14, 2024 Patched Versions: 5.9.2 Affected Versions: <= 5.9 Vulnerability Details: Name: Contact Form 7 <= 5.9 Title: Reflected Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2024-2242 CVSS Score:…

Read More

Database for Contact Form 7, WPforms, Elementor forms Vulnerability – Authenticated (Administrator+) Arbitrary File Upload – CVE-2024-1069 | WordPress Plugin Vulnerability Report

Plugin Name: Database for Contact Form 7, WPforms, Elementor forms Key Information: Software Type: Plugin Software Slug: contact-form-entries Software Status: Active Software Author: crmperks Software Downloads: 502,953 Active Installs: 60,000 Last Updated: February 1, 2024 Patched Versions: 1.3.3 Affected Versions: <= 1.3.2 Vulnerability Details: Name: Contact Form Entries <= 1.3.2 Title: Authenticated (Administrator+) Arbitrary File…

Read More

WordPress Plugin Vulnerability Report – Contact Form 7 – Authenticated (Editor+) Arbitrary File Upload – CVE-2023-6449

Plugin Name: Contact Form 7 Key Information: Software Type: Plugin Software Slug: contact-form-7 Software Status: Active Software Author: takayukister Software Downloads: 299,048,263 Active Installs: 5,000,000 Last Updated: November 30, 2023 Patched Versions: 5.8.4 Affected Versions: <= 5.8.3 Vulnerability Details: Name: Contact Form 7 <= 5.8.3 – Authenticated (Editor+) Arbitrary File Upload Title: Authenticated (Editor+) Arbitrary File Upload Type: Unrestricted Upload of File with Dangerous Type CVE: CVE-2023-6449 CVSS…

Read More

WordPress Plugin Vulnerability Report – Drag and Drop Multiple File Upload– Contact Form 7 – Unauthenticated Arbitrary File Upload – CVE-2023-5822

Plugin Name: Drag and Drop Multiple File Upload– Contact Form 7 Key Information: Software Type: Plugin Software Slug: drag-and-drop-multiple-file-upload-contact-form-7 Software Status: Active Software Author: glenwpcoder Software Downloads: 575,808 Active Installs: 50,000 Last Updated: November 1, 2023 Patched Versions: 1.3.7.4 Affected Versions: <= 1.3.7.3 Vulnerability Details: Name: Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.7.3 – Unauthenticated Arbitrary File Upload Title: Unauthenticated Arbitrary…

Read More