Vulnerabilities > Ciphercoin > Contact Form 7 Database Addon > 1.2.5.9

DATE CVE VULNERABILITY TITLE RISK
2022-11-21 CVE-2022-3634 Unspecified vulnerability in Ciphercoin Contact Form 7 Database Addon
The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV injection
network
low complexity
ciphercoin
critical
 9.8
9.8
2021-12-22 CVE-2021-36885 Cross-site Scripting vulnerability in Ciphercoin Contact Form 7 Database Addon
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1).
network
low complexity
ciphercoin CWE-79
6.1
6.1
2021-12-22 CVE-2021-36886 Cross-Site Request Forgery (CSRF) vulnerability in Ciphercoin Contact Form 7 Database Addon
Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.5.9).
network
low complexity
ciphercoin CWE-352
8.8
8.8