WordPress plugin WPForms Google Sheet Connector 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

EUVD-2023-49311

Malicious code in bioql PyPI...

CVE-2025-53465 WordPress GSheets Connector Plugin <= 1.1.1 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in raoinfotech GSheets Connector sheetlink allows Object Injection.This issue affects GSheets Connector: from n/a through = 1.1.1...

CVE-2025-54682

Cross-Site Request Forgery CSRF vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets wp-gravity-forms-spreadsheets allows Cross Site Request Forgery.This issue affects Connector for Gravity Forms and Google Sheets: from n/a through = 1.2.4...

CVE-2025-54681 WordPress Connector for Gravity Forms and Google Sheets Plugin plugin <= 1.2.4 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets allows Phishing. This issue affects Connector for Gravity Forms and Google Sheets: from n/a through 1.2.4...

CVE-2023-2330

The Caldera Forms Google Sheets Connector WordPress plugin before 1.3 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack...

CVE-2025-22686 WordPress CF7 Google Sheets Connector plugin <= 5.0.17 - Broken Access Control vulnerability

Missing Authorization vulnerability in WesternDeal CF7 Google Sheets Connector cf7-google-sheets-connector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Google Sheets Connector: from n/a through = 5.0.17...

CVE-2025-22686

CVE-2025-22686 : WordPress CF7 Google Sheets Connector (GSheetConnector) versions n/a through 5.0.17 contain a Missing Authorization vulnerability due to incorrectly configured access control. This could allow an attacker to exploit access control settings within CF7 Google Sheets Connector. CVSS...

CVE-2024-5654

The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'executepostdatacg7free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site...

WordPress CF7 Google Sheets Connector plugin <= 5.0.9 - Missing Authorization to Limited Site Configuration Update vulnerability

Missing Authorization to Limited Site Configuration Update vulnerability discovered by 1337Wannabe in WordPress Plugin CF7 Google Sheets Connector versions = 5.0.9...

CF7 Google Sheets Connector < 5.0.10 - Missing Authorization to Limited Site Configuration Update

Description The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'executepostdatacg7free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggl...

CVE-2023-44989 WordPress CF7 Google Sheets Connector plugin <= 5.0.5 - Sensitive Data Exposure via Debug Log vulnerability

Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google Sheets Connector.This issue affects CF7 Google Sheets Connector: from n/a through 5.0.5...

CVE-2023-44989

CVE-2023-44989 affects the CF7 Google Sheets Connector WordPress plugin. It enables unauthenticated exposure of sensitive data via the plugin’s debug log (google-sheet-connector.php) for versions up to 5.0.5. Patch: upgrade to 5.0.6. The CVSS/impact details in connected sources cite high severity...

WordPress Plugin CF7 Google Sheets Connector 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin CF7 Google Sheets Connecto...

PT-2024-13207 · Unknown · Cf7 Google Sheets Connector

Name of the Vulnerable Software and Affected Versions: CF7 Google Sheets Connector versions through 5.0.5 Description: The issue is related to the insertion of sensitive information into log files. This can potentially expose confidential data. Recommendations: For versions through 5.0.5, update ...

CF7 Google Sheets Connector < 5.0.6 - Unauthenticated Sensitive Information Exposure via Debug Log

Description The CF7 Google Sheets Connector plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.0.5 via the debug log functionality in google-sheet-connector.php. This makes it possible for unauthenticated attackers to extract sensitive dat...

WordPress CF7 Google Sheets Connector Plugin <= 5.0.5 is vulnerable to Sensitive Data Exposure

Software CF7 Google Sheets Connector Type Plugin Vulnerable versions = 5.0.5 Fixed in 5.0.6 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-44989 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 42f969d97736...

CVE-2023-2330

CVE-2023-2330 – Caldera Forms Google Sheets Connector (WordPress) What is affected: Caldera Forms Google Sheets Connector WordPress plugin, prior to version 1.3. Root cause: Missing CSRF protection when updating the Access Code, enabling a CSRF attack to change the access code when an admin is lo...

CVE-2023-2330 Caldera Forms Google Sheets Connector < 1.3 - Access Code Update via CSRF

The Caldera Forms Google Sheets Connector WordPress plugin before 1.3 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack...

CVE-2023-2330 Caldera Forms Google Sheets Connector < 1.3 - Access Code Update via CSRF

The Caldera Forms Google Sheets Connector WordPress plugin before 1.3 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack...