← Back

Contact Form 7 Dynamic Text Extension

contact_form_7_-_dynamic_text_extension

Vendor: Sevenspark • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-10084
1Sevenspark
1Contact Form 7 Dynamic Text Extension
Jun 17, 2026
Nov 5, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. This makes it possible for auth...Show more
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract the titles and text contents of private and password-protected posts, they do not own.Show less