cleantalk
Vulnerabilities and Security Researches

Pay with Contact Form 7, CVE-2025-32126

CVE, Research URL

CVE-2025-32126

Home page URL

Security reports for Pay with Contact Form 7

Application

Pay with Contact Form 7

Published on
Apr 04, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cmsMinds Pay with Contact Form 7 allows SQL Injection. This issue affects Pay with Contact Form 7: from n/a through 1.0.4.
Affected versions
Min -, max 1.0.4.
Status
vulnerable
Previous vulnerability researches
Church Admin (CVE-2024-50438) , Oct 28, 2024
Church Admin (CVE-2024-37440) , Jul 02, 2024
Church Admin (CVE-2024-53795) , Dec 08, 2024
Church Admin (CVE-2025-26941) , Mar 28, 2025
Church Admin (CVE-2024-37418) , Jul 08, 2024
New vulnerability
Easy Contact (CVE-2025-30970) , Apr 08, 2025
DyaPress ERP/CRM (CVE-2025-30582) , Apr 08, 2025
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025