cleantalk
Vulnerabilities and Security Researches

Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler, CVE-2025-54028

CVE, Research URL

CVE-2025-54028

Home page URL

Security reports for Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler

Application

Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler

Published on
Aug 20, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team: Tobias CF7 WOW Styler cf7-styler allows PHP Local File Inclusion.This issue affects CF7 WOW Styler: from n/a through <= 1.7.2.
Affected versions
max 1.7.3.
Status
vulnerable
Previous vulnerability researches
Design for Contact Form 7 Style WordPress Plugin &#8211; CF7 WOW Styler (CVE-2024-10686) , Nov 14, 2024
Design for Contact Form 7 Style WordPress Plugin &#8211; CF7 WOW Styler (CVE-2022-4974) , May 07, 2025
Design for Contact Form 7 Style WordPress Plugin &#8211; CF7 WOW Styler (6956166d7008919d4108906e32c495d6d4a17ba4) , Jun 07, 2024
Design for Contact Form 7 Style WordPress Plugin &#8211; CF7 WOW Styler (CVE-2024-34826) , Jun 07, 2024
Design for Contact Form 7 Style WordPress Plugin &#8211; CF7 WOW Styler (CVE-2024-13362) , May 02, 2026
New vulnerability
CBX 5 Star Rating &amp; Review (CVE-2026-6864) , May 24, 2026
KIA Subtitle (CVE-2026-7509) , May 23, 2026
ZeptoMail (CVE-2025-67972) , May 23, 2026
Design for Contact Form 7 Style WordPress Plugin &#8211; CF7 WOW Styler (CVE-2026-27393) , May 23, 2026
Draft List (CVE-2026-9104) , May 23, 2026