CVE-2021-24125

Summary

Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)

Affected Software

VendorProductVersion RangeStatus
UnknownContact Form Submissions1.7.1 < 1.7.1affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References