67 matches found
WordPress Contact Form 7 AWeber Extension plugin unauthorized data modification vulnerability
WordPress Contact Form 7 AWeber Extension plugin is an extension plugin designed for WordPress Contact Form 7 plugin for automatic synchronization of form data to AWeber email marketing platform. The WordPress Contact Form 7 AWeber Extension plugin suffers from an unauthorized data modification...
WordPress Contact Form 7 AWeber Extension plugin <= 0.1.42 - Missing Authorization to Authenticated (Subscriber+) Log Reset vulnerability
Missing Authorization to Authenticated Subscriber+ Log Reset vulnerability discovered by Legion Hunter in WordPress Plugin Contact Form 7 AWeber Extension versions = 0.1.42...
CVE-2025-12167
The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxaweberlogreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...
EUVD-2025-38362
The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxaweberlogreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...
CVE-2025-12167
The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxaweberlogreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...
CVE-2025-12167
CVE-2025-12167 affects the WordPress plugin “Contact Form 7 AWeber Extension” (versions through 0.1.42). The root cause is a missing capability check on the AJAX endpoint named wp_ajax_aweber_logreset, allowing authenticated users with Subscriber-level access and above to modify data by resetting...
CVE-2025-12167 Contact Form 7 AWeber Extension <= 0.1.42 - Missing Authorization to Authenticated (Subscriber+) Log Reset
The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxaweberlogreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...
CVE-2025-12167 Contact Form 7 AWeber Extension <= 0.1.42 - Missing Authorization to Authenticated (Subscriber+) Log Reset
The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxaweberlogreset' AJAX endpoint in all versions up to, and including, 0.1.42. This makes it possible for authenticated attackers, with...
WordPress plugin Contact Form 7 AWeber Extension 安全漏洞
WordPress Contact Form 7 AWeber Extension plugin is an extension plugin designed for WordPress Contact Form 7 plugin for automatic synchronization of form data to AWeber email marketing platform. The WordPress Contact Form 7 AWeber Extension plugin suffers from an unauthorized data modification...
PT-2025-45550
Name of the Vulnerable Software and Affected Versions Contact Form 7 AWeber Extension versions through 0.1.42 Description The Contact Form 7 AWeber Extension plugin for WordPress has a flaw that allows unauthorized data modification. This is due to a missing capability check on the wp ajax aweber...
EUVD-2024-34524
Malicious code in bioql PyPI...
EUVD-2025-28341
Malicious code in bioql PyPI...
EUVD-2023-51855
Malicious code in bioql PyPI...
CVE-2025-49988
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through = 0.1.40...
CVE-2025-49988
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through = 0.1.40...
CVE-2025-49988 WordPress Contact Form 7 AWeber Extension plugin <= 0.1.40 - Broken Access Control vulnerability
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through = 0.1.40...
CVE-2025-49988
CVE-2025-49988 is a Missing Authorization vulnerability in Renzo/Contact Form 7 AWeber Extension affecting version = 0.1.40) or apply vendor-provided fixed controls once available. Monitor for updated advisories from CVE/CVSS feeds and verify plugin versions on affected WordPress installations.
CVE-2025-49988 WordPress Contact Form 7 AWeber Extension plugin <= 0.1.40 - Broken Access Control vulnerability
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 AWeber Extension integrate-contact-form-7-and-aweber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form 7 AWeber Extension: from n/a through = 0.1.40...
PT-2025-26356 · Unknown · Renzo Contact Form 7 Aweber Extension
Name of the Vulnerable Software and Affected Versions: Renzo Contact Form 7 AWeber Extension versions 0.1.38 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For...
WordPress plugin Contact Form 7 AWeber Extension 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An improper access control vulnerability exists in the WordPress Contact Form 7 AWeber Extension plugin, which stems from a lack of authorization, and no detailed vulnerability...