Redirection for Contact Form 7 < 2.5.0 - Cross-Site Scripting

The Redirection for Contact Form 7 WordPress plugin before 2.5.0 does not escape a link generated before outputting it in an attribute, leading to a Reflected Cross-Site Scripting. id: CVE-2022-0250 info: name: Redirection for Contact Form 7 2.5.0 - Cross-Site Scripting author: ritikchaddha...

EUVD-2024-43382

Malicious code in bioql PyPI...

EUVD-2024-44100

Malicious code in bioql PyPI...

CVE-2024-49319

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in B.M. Rafiul Alam Awesome Contact Form7 for Elementor awesome-contact-form7-for-elementor.This issue affects Awesome Contact Form7 for Elementor: from n/a through = 3.0...

WordPress WP Contact Form7 Email Spam Blocker plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Le Ngoc Anh in WordPress Plugin WP Contact Form7 Email Spam Blocker versions = 1.0.0...

CVE-2024-13467

The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-13467

The CVE-2024-13467 entry concerns the WordPress plugin WP Contact Form7 Email Spam Blocker. A Reflected Cross-Site Scripting vulnerability exists in the post parameter for all versions up to and including 1.0.0, caused by insufficient input sanitization and output escaping. This allows unauthenti...

CVE-2024-13467 WP Contact Form7 Email Spam Blocker <= 1.0.0 - Reflected Cross-Site Scripting

The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-13467 WP Contact Form7 Email Spam Blocker <= 1.0.0 - Reflected Cross-Site Scripting

The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-49319 WordPress Awesome Contact Form7 for Elementor plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in B.M. Rafiul Alam Awesome Contact Form7 for Elementor awesome-contact-form7-for-elementor.This issue affects Awesome Contact Form7 for Elementor: from n/a through = 3.0...

CVE-2024-49319 WordPress Awesome Contact Form7 for Elementor plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in B.M. Rafiul Alam Awesome Contact Form7 for Elementor awesome-contact-form7-for-elementor.This issue affects Awesome Contact Form7 for Elementor: from n/a through = 3.0...

CVE-2024-49319

CVE-2024-49319 affects WordPress plugin Awesome Contact Form7 for Elementor (

PT-2024-33459 · Unknown · Awesome Contact Form7 For Elementor

Name of the Vulnerable Software and Affected Versions: Awesome Contact Form7 for Elementor versions n/a through 3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, where an attack...

WordPress plugin Awesome Contact Form7 for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Awesome Contact Form7 for Elementor Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS)

Software Awesome Contact Form7 for Elementor Type Plugin Vulnerable versions = 3.0 Fixed in 3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49319 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 32af1c1712da Credits ghsinfosec Required...

WordPress Awesome Contact Form7 for Elementor plugin <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via AEP Contact Form 7 Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via AEP Contact Form 7 Widget vulnerability discovered by stealthcopter in WordPress Plugin Awesome Contact Form7 for Elementor versions = 2.9...

WordPress Awesome Contact Form7 for Elementor Plugin <= 2.9 is vulnerable to Cross Site Scripting (XSS)

Software Awesome Contact Form7 for Elementor Type Plugin Vulnerable versions = 2.9 Fixed in 3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4486 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0628b239f9f2 Credits...

PT-2024-31286 · WordPress · Awesome Contact Form7

Name of the Vulnerable Software and Affected Versions: Awesome Contact Form7 for Elementor plugin for WordPress versions up to, and including, 2.9 Description: The issue is related to Stored Cross-Site Scripting via the 'AEP Contact Form 7' widget due to insufficient input sanitization and output...