The Contact Form 7 Database Addon ā CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7_before_send_mail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable...
5.3CVSS
6.7AI Score
0.001EPSS
The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV...
9.8CVSS
9.4AI Score
0.002EPSS
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon ā CFDB7 WordPress plugin (versions <=...
6.1CVSS
5.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon ā CFDB7 WordPress plugin (versions <=...
8.8CVSS
8.8AI Score
0.001EPSS
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV...
7.8CVSS
7.5AI Score
0.001EPSS