Medium severity6.1NVD Advisory· Published Dec 22, 2021· Updated Jun 17, 2026
CVE-2021-36885
CVE-2021-36885
Description
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.2.6.1
- CipherCoin/Contact Form 7 Database Addon – CFDB7 (WordPress plugin)v5Range: <= 1.2.6.1
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/contact-form-cfdb7/wordpress-contact-form-7-database-addon-cfdb7-plugin-1-2-6-1-unauthenticated-stored-cross-site-scripting-xss-vulnerabilitynvdThird Party Advisory
- wordpress.org/plugins/contact-form-cfdb7/nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.