Vulnerabilities > Rocklobster > Contact Form 7 > 5.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-27 | CVE-2024-4704 | Open Redirect vulnerability in Rocklobster Contact Form 7 The Contact Form 7 WordPress plugin before 5.9.5 has an open redirect that allows an attacker to utilize a false URL and redirect to the URL of their choosing. | 6.1 |
| 2023-12-01 | CVE-2023-6449 | Unrestricted Upload of File with Dangerous Type vulnerability in Rocklobster Contact Form 7 The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'validate' function and insufficient blocklisting on the 'wpcf7_antiscript_file_name' function in versions up to, and including, 5.8.3. | 7.2 |