CVE-2022-0404
The CVE-2022-0404 issue affects the Material Design for Contact Form 7 WordPress plugin (versions ≤ 2.6.4). The root cause is missing authorization checks in the cf7md_dismiss_notice handling, allowing any logged‑in user (even Subscriber) to set arbitrary plugin options to true, potentially causi...