Vulnerabilities and security researches forcontact-form-7-skins contact-form-7-skins

Jun 06, 2024

CVE, Research URL: CVE-2021-25063
Home page URL: Security reports for CF7 Skins for Contact Form 7
Application: CF7 Skins for Contact Form 7
Date: Feb 01, 2022
Research Description: The Skins for Contact Form 7 WordPress plugin before 2.5.1 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
Affected versions: max 2.5.1.
Status: vulnerable