Advanced Cf7 Db@* Security Vulnerabilities and Issues — Advanced Cf7 Db@* CVE List

Lucene search

VsourzAdvanced Cf7 Db*

2 matches found

CVE•added 2022/05/25 4:15 p.m.•85 views

CVE-2022-29408

Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin

6.1CVSS5.2AI score0.00273EPSS

CVE•added 2022/03/21 7:15 p.m.•83 views

CVE-2021-24905

The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. For example, removing ...

8CVSS8.2AI score0.00131EPSS