4 matches found
CVE-2025-50040
CVE-2025-50040 is a stored XSS in the WordPress plugin CF7 Spreadsheets, up to version 2.3.2, caused by improper neutralization of input during web page generation. The vulnerability is authenticated (requires a user with at least low privileges and user interaction) and is rated with CVSS v3.1 b...
PT-2025-33204 · Unknown · Moshensky Cf7 Spreadsheets
Name of the Vulnerable Software and Affected Versions: moshensky CF7 Spreadsheets versions through 2.3.2 Description: The vulnerability involves improper neutralization of input during web page generation, leading to a stored cross-site scripting XSS issue in moshensky CF7 Spreadsheets...
CVE-2025-31536
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Reflected XSS.This issue affects CF7 Spreadsheets: from n/a through = 2.3.2...
CVE-2025-31536
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Reflected XSS.This issue affects CF7 Spreadsheets: from n/a through = 2.3.2...