Lucene search
PatchstackCVELIST:CVE-2023-40609HistoryNov 06, 2023 - 8:15 a.m.
CVE-2023-40609 WordPress Contact form 7 Custom validation Plugin <= 1.1.3 is vulnerable to SQL Injection
2023-11-0608:15:24
CWE-89
Patchstack
www.cve.org
wordpress
contact form 7
sql injection
vulnerability
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Aiyaz, maheshpatel Contact form 7 Custom validation allows SQL Injection.This issue affects Contact form 7 Custom validation: from n/a through 1.1.3.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "cf7-field-validation",
"product": "Contact form 7 Custom validation",
"vendor": "Aiyaz, maheshpatel",
"versions": [
{
"lessThanOrEqual": "1.1.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Contact form 7 Custom validation <= 1.1.3 - Unauthenticated SQLi
2023-11-16 00:00:00
nvd
nvd
CVE-2023-40609
2023-11-06 09:15:08
cve
cve
CVE-2023-40609
2023-11-06 09:15:08
prion
prion
Sql injection
2023-11-06 09:15:00
wordfence
wordfence