CVE-2026-25863

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

CVE-2026-25863

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

CVE-2026-25863 Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncontrolled Resource Consumption

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

CVE-2026-25863 Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncontrolled Resource Consumption

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

WordPress plugin Conditional Fields for Contact Form 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

EUVD-2023-51933

Malicious code in bioql PyPI...

EUVD-2024-44843

Malicious code in bioql PyPI...

CVE-2024-50412

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.15...

CVE-2023-47838

Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.1...

CVE-2023-47838

Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.1...

CVE-2023-47838 WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.1...

WordPress plugin Conditional Fields for Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin Conditional Fields...

PT-2024-13511 · Contact Form 7 · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 versions through 2.4.1 Description: The issue affects the Conditional Fields for Contact Form 7 plugin due to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access...

CVE-2024-50412

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.15...

WordPress plugin Conditional Fields for Contact Form 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

PT-2024-34186 · Unknown · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 versions through 2.4.15 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Conditional Fields for Contact Form 7 versions = 2.4.15...

WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.13 - Cross-Site Request Forgery to Plugin Setting Reset vulnerability

Cross-Site Request Forgery to Plugin Setting Reset vulnerability discovered by Marco Wotschka in WordPress Plugin Conditional Fields for Contact Form 7 versions = 2.4.13...

WordPress Conditional Fields for Contact Form 7 Plugin <= 2.4.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software Conditional Fields for Contact Form 7 Type Plugin Vulnerable versions = 2.4.13 Fixed in 2.4.14 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5804 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e1825173a8a1...

PT-2024-37168 · WordPress · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 plugin for WordPress versions up to, and including, 2.4.13 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wpcf7cf admin init function...