Lucene search
K

4 matches found

NVD
NVD
added 2025/07/22 7:15 a.m.6 views

CVE-2025-7645

The Extensions For CF7 Contact form 7 Database, Conditional Fields and Redirection plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete-file' field in all versions up to, and including, 3.2.8. This makes it possible for...

8.1CVSS0.00777EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/22 6:38 a.m.8 views

CVE-2025-7645 Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) <= 3.2.8 - Unauthenticated Arbitrary File Deletion Triggered via Admin Form Submission Deletion

The Extensions For CF7 Contact form 7 Database, Conditional Fields and Redirection plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete-file' field in all versions up to, and including, 3.2.8. This makes it possible for...

8.1CVSS0.00777EPSS
Exploits0References3
CVE
CVE
added 2025/07/22 6:38 a.m.29 views

CVE-2025-7645

The CVE-2025-7645 issue affects the WordPress plugin Extensions For CF7 (Extensions For CF7: Contact Form 7 Database, Conditional Fields and Redirection). The root cause is insufficient file path validation in the delete-file field, allowing unauthenticated attackers to delete arbitrary files on ...

8.1CVSS7.6AI score0.00777EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/07/21 10:14 p.m.10 views

WordPress Extensions For CF7 plugin <= 3.2.8 - Unauthenticated Arbitrary File Deletion Triggered via Admin Form Submission Deletion vulnerability

Unauthenticated Arbitrary File Deletion Triggered via Admin Form Submission Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Extensions For CF7 versions = 3.2.8...

8.1CVSS6.8AI score0.00777EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder