← Back

Contact Form 7 Connector

contact_form_7_connector

Vendor: Ari Soft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-24884
1Ari Soft
1Contact Form 7 Connector
Jun 17, 2026
Feb 12, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2.
CVE-2024-0239
1Ari Soft
1Contact Form 7 Connector
Jun 17, 2026
Jan 16, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administr...Show more
The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administrators.Show less