CVE-2021-24125

 

Published at: - 18-03-2021 04:15

Last modified: - 27-05-2022 08:46

Total changes: - 4

Description

Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• N/A-Exploit, Third Party Advisory

 

Keywords

NVD

 

CVE-2021-24125

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures