3 matches found
PT-2025-33895 · WordPress +1 · Redirection For Contact Form 7 +2
Name of the Vulnerable Software and Affected Versions: Redirection for Contact Form 7 plugin for WordPress versions prior to 3.2.5 Description: The Redirection for Contact Form 7 plugin for WordPress is susceptible to PHP Object Injection due to deserialization of untrusted input within the delet...
CVE-2025-2105
The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...
CVE-2025-2485
CVE-2025-2485 affects WordPress plugin Drag and Drop Multiple File Upload for Contact Form 7 (versions