VYPR

Generate PDF Using Contact Form 7

by WordPress

Source repositories

CVEs (2)

  • CVE-2024-6317HigJul 9, 2024
    risk 0.51cvss 8.8epss 0.01

    The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. This is due to missing nonce validation and the plugin not properly validating a file or its path prior to…

  • CVE-2024-6316HigJul 9, 2024
    risk 0.50cvss 8.8epss 0.01

    The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. This is due to missing nonce validation and missing file type validation in the…