Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2024-11-21
CVE-2022-0248 - Contact Form Submissions Plugin
The Contact Form Submissions WordPress plugin before 1.7.3 does not sanitise and escape additional fields in contact form requests before outputting them in the related submission. As a result, unauthenticated attacker could perform Cross-Site Scripting attacks against admins viewing the malicious submission
PLUGIN
Contact Form Submissions
CVE-2022-0248
Risk Score
Threat Entry
Updated 2024-11-21
CVE-2021-24125 - Contact Form Submissions Plugin
Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)
PLUGIN
Contact Form Submissions
CVE-2021-24125
Risk Score