Lucene search

CVE-2021-24125

🗓️ 18 Mar 2021 15:13:15Reported by WPScanType

Unvalidated input in Contact Form Submissions WordPress plugin before 1.7.1 could lead to SQL injection in wpcf7_contact_form paramete

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
WPVulnDB	Contact Form Submissions <= 1.6.4 - Authenticated SQL Injection	3 Jan 202100:00	–	wpvulndb
Cvelist	CVE-2021-24125 Contact Form Submissions < 1.7.1 - Authenticated SQL Injection	18 Mar 202114:57	–	cvelist
NVD	CVE-2021-24125	18 Mar 202115:15	–	nvd
Prion	Sql injection	18 Mar 202115:15	–	prion
wpexploit	Contact Form Submissions <= 1.6.4 - Authenticated SQL Injection	3 Jan 202100:00	–	wpexploit
Patchstack	WordPress Contact Form Submissions plugin <= 1.7 - Authenticated SQL Injection (SQLi) vulnerability	3 Jan 202100:00	–	patchstack
RedhatCVE	CVE-2021-24125	22 May 202519:20	–	redhatcve

Nvd

Vulners

Node

contact_form_submissions_project contact_form_submissionsRange<1.7.1wordpress

[
  {
    "product": "Contact Form Submissions",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.7.1",
        "status": "affected",
        "version": "1.7.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/8591b3c9-b041-4ff5-b8d9-6f9f81041178

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Mar 2021 15:15Current

7.2High risk

Vulners AI Score7.2

CVSS26.5

CVSS37.2

EPSS0.0071

CWE-89