VYPR

Advanced Cf7 Db

by WordPress

Source repositories

CVEs (4)

  • CVE-2019-13571CriJul 29, 2019
    risk 0.64cvss 9.8epss 0.04

    A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.

  • CVE-2024-3723MedJun 11, 2024
    risk 0.34cvss 5.3epss 0.00

    The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive…

  • CVE-2024-4319MedJun 11, 2024
    risk 0.27cvss 5.3epss 0.00

    The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in versions up to, and including, 2.0.2. This makes it possible for unauthenticated attackers to download…

  • CVE-2026-0814MedApr 8, 2026
    risk 0.21cvss 4.3epss 0.00

    The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in all versions up to, and including, 2.0.9. This makes it possible for authenticated attackers, with…