2 matches found
CVE-2026-0814
The CVE-2026-0814 entry concerns the WordPress plugin Advanced CF7 DB . A missing capability check in the function vsz_cf7_export_to_excel affects all versions up to and including 2.0.9 , enabling authenticated users with Subscriber-level access and above to export form submissions to Excel files...
CVE-2019-13571
CVE-2019-13571 is a SQL injection vulnerability in the WordPress plugin Vsourz Digital Advanced CF7 DB, affecting versions up to 1.6.1. The issue allows a remote attacker to execute arbitrary SQL commands on the affected site. Multiple connected sources corroborate the vulnerability details and i...