Filtered by vendor Rocklobster
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40609 | 1 Rocklobster | 1 Contact Form 7 Custom Validation | 2023-11-10 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aiyaz, maheshpatel Contact form 7 Custom validation allows SQL Injection.This issue affects Contact form 7 Custom validation: from n/a through 1.1.3. | |||||
| CVE-2020-35489 | 1 Rocklobster | 1 Contact Form 7 | 2020-12-22 | 10.0 HIGH | 10.0 CRITICAL |
| The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters. | |||||
| CVE-2018-20979 | 1 Rocklobster | 1 Contact Form 7 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type. | |||||