cleantalk
Vulnerabilities and Security Researches

Message Filter for Contact Form 7, 2ce5bc58e1bc50015a71852601e76f74ab79ea10

CVE, Research URL

2ce5bc58e1bc50015a71852601e76f74ab79ea10

Home page URL

Security reports for Message Filter for Contact Form 7

Application

Message Filter for Contact Form 7

Published on
Jul 19, 2023
Research Description
Message Filter for Contact Form 7 [cf7-message-filter] < 1.4.3 WordPress Message Filter for Contact Form 7 Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Message Filter for Contact Form 7 plugin to the latest available version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Message Filter for Contact Form 7 Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.4.3.
Affected versions
Min -, max 1.4.3.
Status
vulnerable
Previous vulnerability researches
Message Filter for Contact Form 7 (CVE-2024-54254) , Dec 11, 2024
Message Filter for Contact Form 7 (CVE-2024-12026) , Dec 07, 2024
Message Filter for Contact Form 7 (CVE-2024-12027) , Dec 07, 2024
Message Filter for Contact Form 7 (CVE-2025-46252) , Apr 24, 2025
Message Filter for Contact Form 7 (CVE-2024-39647) , Aug 04, 2024
New vulnerability
Advanced Accordion Gutenberg Block (CVE-2025-2543) , Apr 25, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce &#8211; Light (CVE-2025-39378) , Apr 25, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9230) , Apr 25, 2025
Capturly (CVE-2025-39379) , Apr 25, 2025
Frontend Login and Registration Blocks (CVE-2025-3607) , Apr 25, 2025