Medium severity5.9NVD Advisory· Published May 7, 2025· Updated Apr 23, 2026
CVE-2025-47626
CVE-2025-47626
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Submission DOM tracking for Contact Form 7 cf7-submission-dom-tracking allows Stored XSS.This issue affects Submission DOM tracking for Contact Form 7: from n/a through <= 2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:apasionados:submission_dom_tracking_for_contact_form_7:*:*:*:*:*:wordpress:*:*+ 1 more
- cpe:2.3:a:apasionados:submission_dom_tracking_for_contact_form_7:*:*:*:*:*:wordpress:*:*range: <=2.0
- (no CPE)range: <=2.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.