CVE-2025-4665
WordPress plugin Contact Form CFDB7 versions up to and including 1.3.2 are affected by a pre-authentication SQL injection vulnerability that cascades into insecure deserialization PHP Object Injection. The weakness arises due to insufficient validation of user input in plugin endpoints, allowing...