CVE

CVE-2021-24125

CVE-2021-24125

Unvalidated input in the Contact Form Submissions WordPress plugin, versions 1.6.4 and before, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)

Source: CVE-2021-24125

Exit mobile version