Vulnerabilities and security researches forcf7-builder cf7-builder

Mar 13, 2025

CVE, Research URL: CVE-2025-28864
Home page URL: Security reports for Builder for Contact Form 7 by Webconstruct – Drag & Drop Contact Form Builder
Application: Builder for Contact Form 7 by Webconstruct – Drag & Drop Contact Form Builder
Date: Mar 12, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Planet Studio Builder for Contact Form 7 by Webconstruct allows Cross Site Request Forgery. This issue affects Builder for Contact Form 7 by Webconstruct: from n/a through 1.2.2.
Affected versions: max 1.2.2.
Status: vulnerable