7 matches found
CVE-2025-12825
The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getcf7formdata' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form settings...
CVE-2025-12825
The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getcf7formdata' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form settings...
CVE-2025-12825 User Registration Using Contact Form 7 <= 2.5 - Authenticated (Subscriber+) Information Exposure
The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getcf7formdata' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form settings...
CVE-2025-12825
The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getcf7formdata' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form settings...
CVE-2025-12825 User Registration Using Contact Form 7 <= 2.5 - Authenticated (Subscriber+) Information Exposure
The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getcf7formdata' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form settings...
CVE-2025-12825
CVE-2025-12825 affects the WordPress plugin User Registration Using Contact Form 7. The issue is a missing capability check in get_cf7_form_data across all versions up to and including 2.5, enabling unauthorized data access (including Facebook app secrets) by unauthenticated users. Connected sour...
PT-2026-3347
The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get cf7 form data' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form...