Vulnerabilities > Vsourz > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-12 | CVE-2023-28167 | Unspecified vulnerability in Vsourz CF7 Invisible Recaptcha Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 Invisible reCAPTCHA plugin <= 1.3.3 versions. | 8.8 |
| 2023-07-10 | CVE-2023-2493 | Unspecified vulnerability in Vsourz ALL in ONE Redirection The All In One Redirection WordPress plugin before 2.2.0 does not properly sanitise and escape multiple parameters before using them in an SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | 7.2 |
| 2022-03-21 | CVE-2021-24905 | Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Advanced CF7 DB The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. | 8.0 |