cleantalk
Vulnerabilities and Security Researches

Conditional Fields for Contact Form 7, CVE-2024-50412

CVE, Research URL

CVE-2024-50412

Home page URL

Security reports for Conditional Fields for Contact Form 7

Application

Conditional Fields for Contact Form 7

Published on
Oct 29, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jules Colle Conditional Fields for Contact Form 7 allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through 2.4.15.
Affected versions
max 2.5.
Status
vulnerable
Previous vulnerability researches
Conditional Fields for Contact Form 7 (CVE-2023-47838) , Jun 10, 2024
Conditional Fields for Contact Form 7 (CVE-2026-25863) , May 06, 2026
Conditional Fields for Contact Form 7 (0bb038577e135241efdec5ee2901e7ead90280e7) , Jun 07, 2024
Conditional Fields for Contact Form 7 (CVE-2024-50412) , Oct 27, 2024
Conditional Fields for Contact Form 7 (CVE-2024-5804) , Jul 20, 2024
New vulnerability
Royal Elementor Addons and Templates (CVE-2026-4803) , May 06, 2026
Royal Elementor Addons and Templates (CVE-2026-5159) , May 06, 2026
NEX-Forms – Ultimate Form Builder – Contact forms and much more (CVE-2026-5063) , May 06, 2026
Loco Translate (CVE-2026-1921) , May 06, 2026
Conditional Fields for Contact Form 7 (CVE-2026-25863) , May 06, 2026