CVE-2024-11038

The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpbpcffirecontactform AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to...

PT-2024-16721 · WordPress · Wpb Popup For Contact Form 7

Name of the Vulnerable Software and Affected Versions: WPB Popup for Contact Form 7 versions 1.7.5 and earlier Description: The issue is related to arbitrary shortcode execution via the wpb pcf fire contact form AJAX action. This is due to the software allowing users to execute an action that doe...