Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.10 views

CVE-2024-31388

Cross-Site Request Forgery CSRF vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.25...

4.3CVSS5.1AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:6 a.m.8 views

CVE-2024-29110

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.27...

7.1CVSS8.6AI score0.00419EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 11:15 a.m.9 views

CVE-2025-22351

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in penguinarts Contact Form 7 Database – CFDB7 advanced-cf7-database allows SQL Injection.This issue affects Contact Form 7 Database – CFDB7: from n/a through = 1.0.0...

7.6CVSS0.00458EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/10 5:47 p.m.18 views

CVE-2024-37498 WordPress Tablesome plugin <= 1.0.33 - Sensitive Data Exposure via API vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.33...

5.3CVSS7.1AI score0.00443EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/02 4:52 p.m.14 views

CVE-2024-3870 Contact Form 7 Database Addon – CFDB7 <= 1.2.6.8 - Unauthenticated Sensitive Information Exposure

The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7beforesendmail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable...

5.3CVSS5.9AI score0.00738EPSS
Exploits0References3
CVE
CVE
added 2024/05/02 4:52 p.m.69 views

CVE-2024-3870

The CVE-2024-3870 entry concerns the WordPress plugin Contact Form 7 Database Addon – CFDB7. It is vulnerable to Sensitive Information Exposure in versions up to and including 1.2.6.8 via cfdb7_before_send_mail, allowing unauthenticated attackers to extract sensitive data (e.g., PII) from files u...

5.3CVSS6.7AI score0.00738EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/04/26 12:0 a.m.17 views

Contact Form 7 Database Addon – CFDB7 < 1.2.7 - Unauthenticated Sensitive Information Exposure

Description The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7beforesendmail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally...

5.3CVSS6.8AI score0.00738EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/15 11:15 a.m.22 views

CVE-2024-31388

Cross-Site Request Forgery CSRF vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.25...

4.3CVSS4.6AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 10:11 a.m.80 views

CVE-2024-31388

CVE-2024-31388 is a CSRF vulnerability in the Tablesome extension (Tablesome: Table & Contact Form 7 Database) for WordPress, affecting versions up to 1.0.25. The connected sources confirm the vulnerability and affected product; no additional root-cause or remediation details are provided in the ...

4.3CVSS5.1AI score0.002EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.20 views

WordPress Table & Contact Form 7 Database – Tablesome Plugin <= 1.0.25 is vulnerable to Cross Site Request Forgery (CSRF)

Software Table & Contact Form 7 Database – Tablesome Type Plugin Vulnerable versions = 1.0.25 Fixed in 1.0.26 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2024-31388 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

4.3CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/19 3:15 p.m.30 views

CVE-2024-29110

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.27...

7.1CVSS6.9AI score0.00419EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/19 3:7 p.m.16 views

CVE-2024-29110 WordPress Tablesome plugin <= 1.0.27 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.27...

7.1CVSS6.9AI score0.00419EPSS
Exploits0References1
CVE
CVE
added 2024/03/19 3:7 p.m.65 views

CVE-2024-29110

CVE-2024-29110 is a reflected XSS in the WordPress plugin tablesome (Tablesome) for Pauple Table & Contact Form 7 Database, caused by improper neutralization of input during web page generation. Affected affected version: Tablesome from n/a up to 1.0.27. The CVE description and related sources co...

7.1CVSS8.6AI score0.00419EPSS
Exploits0References1
Prion
Prion
added 2021/12/22 7:15 p.m.15 views

Cross site scripting

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin versions = 1.2.6.1...

4.3CVSS5.8AI score0.00757EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/22 6:6 p.m.61 views

CVE-2021-36886

CVE-2021-36886 affects the WordPress plugin Contact Form 7 Database Addon (CFDB7) versions up to 1.2.5.9. Root cause is CSRF due to lack of token validation, enabling unauthorized actions when a logged-in user visits a malicious page. Impact is CSRF risk on sites using CFDB7

8.8CVSS7.6AI score0.00543EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/03/18 3:15 p.m.25 views

CVE-2021-24144

Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files...

7.8CVSS0.01244EPSS
Exploits1References1
Rows per page
Query Builder