2 matches found
CVE-2024-1776
The CVE-2024-1776 entry concerns the Admin side data storage for the WordPress plugin Contact Form 7. Affected versions are all up to 1.1.1. Root cause: insufficient escaping of the user-supplied form-id parameter and inadequate preparation in the existing SQL query, enabling an authenticated att...
WordPress Admin side data storage for Contact Form 7 Plugin <= 1.1.1 is vulnerable to SQL Injection
Software Admin side data storage for Contact Form 7 Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1776 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID caefe13b5aa6 Credits zulu caPWN Required...