CVE-2026-25863

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

CVE-2026-25863

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

CVE-2026-25863 Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncontrolled Resource Consumption

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

CVE-2026-25863 Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncontrolled Resource Consumption

Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hidehiddenmailfieldsregexcallback method reads an iteration count directly from user-supplied POST parameters without...

WordPress plugin Conditional Fields for Contact Form 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

EUVD-2023-51933

Malicious code in bioql PyPI...

EUVD-2024-44843

Malicious code in bioql PyPI...

CVE-2024-50412

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.15...

CVE-2023-47838

Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.1...

CVE-2023-47838

Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.1...

CVE-2023-47838 WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.1...

WordPress plugin Conditional Fields for Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin Conditional Fields...

PT-2024-13511 · Contact Form 7 · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 versions through 2.4.1 Description: The issue affects the Conditional Fields for Contact Form 7 plugin due to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access...

CVE-2024-50412

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through = 2.4.15...

PT-2024-34186 · Unknown · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 versions through 2.4.15 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

WordPress plugin Conditional Fields for Contact Form 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Conditional Fields for Contact Form 7 versions = 2.4.15...

WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.13 - Cross-Site Request Forgery to Plugin Setting Reset vulnerability

Cross-Site Request Forgery to Plugin Setting Reset vulnerability discovered by Marco Wotschka in WordPress Plugin Conditional Fields for Contact Form 7 versions = 2.4.13...

WordPress Conditional Fields for Contact Form 7 Plugin <= 2.4.13 is vulnerable to Cross Site Request Forgery (CSRF)

Software Conditional Fields for Contact Form 7 Type Plugin Vulnerable versions = 2.4.13 Fixed in 2.4.14 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5804 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e1825173a8a1...

PT-2024-37168 · WordPress · Conditional Fields For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Conditional Fields for Contact Form 7 plugin for WordPress versions up to, and including, 2.4.13 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the wpcf7cf admin init function...