49 matches found
CVE-2025-58989 WordPress Dynamic Text Field For Contact Form 7 Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in silverplugins217 Dynamic Text Field For Contact Form 7 dynamic-text-field-for-contact-form-7 allows Stored XSS.This issue affects Dynamic Text Field For Contact Form 7: from n/a through = 1.0...
WordPress plugin Dynamic Text Field For Contact Form 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
PT-2025-36809
Name of the Vulnerable Software and Affected Versions: Dynamic Text Field For Contact Form 7 versions through 1.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, which allows for Stored Cross-site Scripting XSS. Recommendations:...
CVE-2024-56218
Cross-Site Request Forgery CSRF vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site Request Forgery.This issue affects Contact Form 7 – Dynamic Text Extension: from n/a through = 5.0.1...
CVE-2024-10084
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7getpostvar shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract the...
CVE-2024-56218
Cross-Site Request Forgery CSRF vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site Request Forgery.This issue affects Contact Form 7 – Dynamic Text Extension: from n/a through = 5.0.1...
CVE-2024-56218
Cross-Site Request Forgery CSRF vulnerability in AuRise Creative, SevenSpark Contact Form 7 Dynamic Text Extension allows Cross Site Request Forgery.This issue affects Contact Form 7 Dynamic Text Extension: from n/a through 5.0.1...
CVE-2024-56218
CVE-2024-56218 describes a Cross-Site Request Forgery (CSRF) vulnerability in Contact Form 7 Dynamic Text Extension (AuRise Creative, SevenSpark). The description states CSRF is possible in versions CF7 Dynamic Text Extension from n/a through 5.0.1. The connected documents confirm the issue type ...
CVE-2024-56218 WordPress Contact Form 7 - Dynamic Text Extension plugin <= 5.0.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in AuRise Creative, SevenSpark Contact Form 7 Dynamic Text Extension allows Cross Site Request Forgery.This issue affects Contact Form 7 Dynamic Text Extension: from n/a through 5.0.1...
WordPress plugin Contact Form 7 Dynamic Text Extension 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...
PT-2024-36752 · WordPress · Contact Form 7 – Dynamic Text Extension
Name of the Vulnerable Software and Affected Versions: Contact Form 7 Dynamic Text Extension versions n/a through 5.0.1 Description: A Cross-Site Request Forgery CSRF issue affects the Contact Form 7 Dynamic Text Extension, allowing unauthorized requests. This can lead to Cross Site Request...
WordPress Contact Form 7 - Dynamic Text Extension plugin <= 5.0.1 - Cross Site Request Forgery (CSRF) vulnerability
WordPress Contact Form 7 - Dynamic Text Extension plugin = 5.0.1 - Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Contact Form 7 – Dynamic Text Extension versions = 5.0.1...
CVE-2024-10084
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7getpostvar shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract the...
CVE-2024-10084
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7getpostvar shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract the...
WordPress Contact Form 7 – Dynamic Text Extension plugin <= 4.5 - Information Disclosure via Shortcode vulnerability
Information Disclosure via Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Contact Form 7 – Dynamic Text Extension versions = 4.5...
WordPress Contact Form 7 Dynamic Text Extension Plugin <= 4.5 is vulnerable to Sensitive Data Exposure
Software Contact Form 7 Dynamic Text Extension Type Plugin Vulnerable versions = 4.5 Fixed in 4.5.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10084 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4a8f9f7ebcd8 Credits...
PT-2024-16017 · WordPress · Contact Form 7 – Dynamic Text Extension
Name of the Vulnerable Software and Affected Versions: Contact Form 7 – Dynamic Text Extension plugin for WordPress versions prior to 4.5.0 Description: The Contact Form 7 – Dynamic Text Extension plugin for WordPress has a Basic Information Disclosure issue. This makes it possible for...
WordPress plugin Contact Form 7 – Dynamic Text Extension 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability exist...
CVE-2023-6630
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the CF7getcustomfield and CF7getcurrentuser shortcodes due to missing validation on a user controlled key. This makes it possible for...
CVE-2023-6630
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the CF7getcustomfield and CF7getcurrentuser shortcodes due to missing validation on a user controlled key. This makes it possible for...