Vulnerabilities and security researches forcf7-styler cf7-styler

Aug 13, 2025

CVE, Research URL: CVE-2025-54028
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: -
Research Description: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler [cf7-styler] < 1.7.3 CVE-2025-54028
Affected versions: Min -, max -.
Status: vulnerable

May 07, 2025

CVE, Research URL: CVE-2022-4974
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: Oct 16, 2024
Research Description: The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions: Min -, max -.
Status: vulnerable

Jan 07, 2025

CVE, Research URL: CVE-2024-12419
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: Jan 07, 2025
Research Description: The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. This functionality is also vulnerable to Reflected Cross-Site Scripting. Version 1.7.0 patched the Reflected XSS issue, however, the arbitrary shortcode execution issue remains.
Affected versions: Min -, max -.
Status: vulnerable

Nov 14, 2024

CVE, Research URL: -
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: Nov 13, 2024
Research Description: Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-51689. Reason: This candidate is a reservation duplicate of CVE-2024-51689. Notes: All CVE users should reference CVE-2024-51689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Affected versions: Min -, max -.
Status: vulnerable

Nov 07, 2024

CVE, Research URL: CVE-2024-51689
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: Nov 09, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tobias Conrad CF7 WOW Styler allows Reflected XSS.This issue affects CF7 WOW Styler: from n/a through 1.6.8.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: 6956166d7008919d4108906e32c495d6d4a17ba4
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: Feb 28, 2022
Research Description: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler [cf7-styler] < 1.5.4 WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin < 1.4.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin (versions < 1.4.2).
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-34826
Home page URL: Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Application: Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
Date: Jun 11, 2024
Research Description: Missing Authorization vulnerability in Tobias Conrad Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler.This issue affects Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler: from n/a through 1.6.4.
Affected versions: Min -, max -.
Status: vulnerable