16 matches found
CVE-2024-31388
Cross-Site Request Forgery CSRF vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.25...
CVE-2024-29110
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.27...
CVE-2025-22351
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in penguinarts Contact Form 7 Database – CFDB7 advanced-cf7-database allows SQL Injection.This issue affects Contact Form 7 Database – CFDB7: from n/a through = 1.0.0...
CVE-2024-37498 WordPress Tablesome plugin <= 1.0.33 - Sensitive Data Exposure via API vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.33...
CVE-2024-3870 Contact Form 7 Database Addon – CFDB7 <= 1.2.6.8 - Unauthenticated Sensitive Information Exposure
The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7beforesendmail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable...
CVE-2024-3870
The CVE-2024-3870 entry concerns the WordPress plugin Contact Form 7 Database Addon – CFDB7. It is vulnerable to Sensitive Information Exposure in versions up to and including 1.2.6.8 via cfdb7_before_send_mail, allowing unauthenticated attackers to extract sensitive data (e.g., PII) from files u...
Contact Form 7 Database Addon – CFDB7 < 1.2.7 - Unauthenticated Sensitive Information Exposure
Description The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7beforesendmail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally...
CVE-2024-31388
Cross-Site Request Forgery CSRF vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.25...
CVE-2024-31388
CVE-2024-31388 is a CSRF vulnerability in the Tablesome extension (Tablesome: Table & Contact Form 7 Database) for WordPress, affecting versions up to 1.0.25. The connected sources confirm the vulnerability and affected product; no additional root-cause or remediation details are provided in the ...
WordPress Table & Contact Form 7 Database – Tablesome Plugin <= 1.0.25 is vulnerable to Cross Site Request Forgery (CSRF)
Software Table & Contact Form 7 Database – Tablesome Type Plugin Vulnerable versions = 1.0.25 Fixed in 1.0.26 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2024-31388 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
CVE-2024-29110
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.27...
CVE-2024-29110 WordPress Tablesome plugin <= 1.0.27 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.27...
CVE-2024-29110
CVE-2024-29110 is a reflected XSS in the WordPress plugin tablesome (Tablesome) for Pauple Table & Contact Form 7 Database, caused by improper neutralization of input during web page generation. Affected affected version: Tablesome from n/a up to 1.0.27. The CVE description and related sources co...
Cross site scripting
Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin versions = 1.2.6.1...
CVE-2021-36886
CVE-2021-36886 affects the WordPress plugin Contact Form 7 Database Addon (CFDB7) versions up to 1.2.5.9. Root cause is CSRF due to lack of token validation, enabling unauthorized actions when a logged-in user visits a malicious page. Impact is CSRF risk on sites using CFDB7
CVE-2021-24144
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files...