Contact Form Advanced Database Security Vulnerabilities and Issues — Contact Form Advanced Database CVE List

Contact Form Advanced Database ProjectContact Form Advanced Database

1 matches found

CVE•added 2021/12/13 10:40 a.m.•50 views

CVE-2021-24790

The CVE pertains to the WordPress plugin Contact Form Advanced Database (versions ≤ 1.0.8). The vulnerability arises from missing authorization checks and CSRF protection in two AJAX endpoints, delete_cf7_data and export_cf7_data, which are accessible to any authenticated user (down to subscriber...

4.3CVSS4.8AI score0.0037EPSS

Web