Vsourz Advanced Cf7 Db — known CVE vulnerabilities
Every CVE whose affected-product data names Vsourz Advanced Cf7 Db, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-13571 — CVSS 9.8 (critical): A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of…
CVE-2021-24905 — CVSS 8.0 (high): The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete…
CVE-2022-45285 — CVSS 6.1 (medium): Vsourz Digital Advanced Contact form 7 DB Versions 1.7.2 and 1.9.1 is vulnerable to Cross Site Scripting (XSS).
CVE-2022-29408 — CVSS 4.7 (medium): Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress.