cleantalk
Vulnerabilities and Security Researches

Contact Form 7 – PayPal & Stripe Add-on, CVE-2024-48021

CVE, Research URL

CVE-2024-48021

Home page URL

Security reports for Contact Form 7 – PayPal & Stripe Add-on

Application

Contact Form 7 – PayPal & Stripe Add-on

Published on
Oct 17, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Reflected XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.3.
Affected versions
Min -, max 2.3.1.
Status
vulnerable
Previous vulnerability researches
Contact Form 7 – PayPal & Stripe Add-on (CVE-2024-48021) , Oct 12, 2024
Contact Form 7 – PayPal & Stripe Add-on (CVE-2025-47518) , May 09, 2025
Contact Form 7 – PayPal & Stripe Add-on (CVE-2024-10683) , Nov 10, 2024
Contact Form 7 – PayPal & Stripe Add-on (CVE-2024-29130) , Jun 07, 2024
Contact Form 7 – PayPal & Stripe Add-on (CVE-2023-24405) , Jun 07, 2024
New vulnerability
SMS Alert Order Notifications – WooCommerce (CVE-2025-3876) , May 11, 2025
SMS Alert Order Notifications – WooCommerce (CVE-2025-3878) , May 11, 2025
WordPress Review Plugin: The Ultimate Solution for Building a Review Website (CVE-2025-2158) , May 11, 2025
Drag and Drop Multiple File Upload for WooCommerce (CVE-2025-4403) , May 11, 2025
Contact Us By Lord Linus (CVE-2025-1382) , May 11, 2025