Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 9:5 p.m.9 views

CVE-2021-24282

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the various AJAX actions in the plugin to do a variety of things. For example, an attacker could use wpcf7rresetsettings to reset the plugin’s settings, wpcf7raddaction to...

6.5CVSS6.5AI score0.00728EPSS
Exploits1References1
openvas
openvas
added 2021/06/04 12:0 a.m.22 views

WordPress Redirection for Contact Form 7 Plugin < 2.3.4 Multiple Vulnerabilities

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

8.8CVSS5.7AI score0.07359EPSS
Exploits9References2
nvd
nvd
added 2021/05/14 12:15 p.m.16 views

CVE-2021-24282

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the various AJAX actions in the plugin to do a variety of things. For example, an attacker could use wpcf7rresetsettings to reset the plugin’s settings, wpcf7raddaction to...

6.5CVSS0.00728EPSS
Exploits1References2
cve
cve
added 2021/05/14 11:38 a.m.46 views

CVE-2021-24282

The CVE-2021-24282 entry applies to the WordPress plugin Redirection for Contact Form 7, affected versions prior to 2.3.4. The vulnerability arises from unauthenticated or poorly restricted AJAX actions that an authenticated user (e.g., a subscriber) can trigger to manipulate the plugin (examples...

6.5CVSS6.2AI score0.00728EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder