Vulnerabilities > Ciphercoin > Contact Form 7 Database Addon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-21 | CVE-2022-3634 | Unspecified vulnerability in Ciphercoin Contact Form 7 Database Addon The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV injection | 9.8 |
| 2021-12-22 | CVE-2021-36885 | Cross-site Scripting vulnerability in Ciphercoin Contact Form 7 Database Addon Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1). | 6.1 |
| 2021-12-22 | CVE-2021-36886 | Cross-Site Request Forgery (CSRF) vulnerability in Ciphercoin Contact Form 7 Database Addon Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.5.9). | 8.8 |
| 2021-03-18 | CVE-2021-24144 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ciphercoin Contact Form 7 Database Addon Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files. | 7.8 |