VYPR

Cf7 Google Sheets Connector

by WordPress

Source repositories

CVEs (9)

  • CVE-2023-2330HigJul 17, 2023
    risk 0.57cvss 8.8epss 0.00

    The Caldera Forms Google Sheets Connector WordPress plugin before 1.3 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack

  • CVE-2023-2329HigJul 17, 2023
    risk 0.57cvss 8.8epss 0.00

    The WooCommerce Google Sheet Connector WordPress plugin before 1.3.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack

  • CVE-2023-44989HigMar 26, 2024
    risk 0.49cvss 7.5epss 0.01

    Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google Sheets Connector.This issue affects CF7 Google Sheets Connector: from n/a through 5.0.5.

  • CVE-2024-5654MedJun 8, 2024
    risk 0.42cvss 6.5epss 0.00

    The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'execute_post_data_cg7_free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated…

  • CVE-2023-2333MedJul 4, 2023
    risk 0.40cvss 6.1epss 0.01

    The Ninja Forms Google Sheet Connector WordPress plugin before 1.2.7, gsheetconnector-ninja-forms-pro WordPress plugin through 1.2.7 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against…

  • CVE-2023-2321MedJul 4, 2023
    risk 0.40cvss 6.1epss 0.00

    The WPForms Google Sheet Connector WordPress plugin before 3.4.6, gsheetconnector-wpforms-pro WordPress plugin through 3.4.6 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high…

  • CVE-2023-2320MedJul 4, 2023
    risk 0.40cvss 6.1epss 0.00

    The CF7 Google Sheets Connector WordPress plugin before 5.0.2, cf7-google-sheets-connector-pro WordPress plugin through 5.0.2 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high…

  • CVE-2023-2334MedMay 15, 2025
    risk 0.35cvss 5.4epss 0.00

    The edd-google-sheet-connector-pro WordPress plugin before 1.4, Easy Digital Downloads Google Sheet Connector WordPress plugin before 1.6.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an…

  • CVE-2025-22686MedFeb 3, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in WesternDeal CF7 Google Sheets Connector cf7-google-sheets-connector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Google Sheets Connector: from n/a through <= 5.0.17.