cleantalk
Vulnerabilities and Security Researches

Accept PayPal Payments using Contact Form 7, CVE-2026-39707

CVE, Research URL

CVE-2026-39707

Home page URL

Security reports for Accept PayPal Payments using Contact Form 7

Application

Accept PayPal Payments using Contact Form 7

Published on
Apr 08, 2026
Research Description
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through <= 4.0.4.
Affected versions
max 4.0.5.
Status
vulnerable
Previous vulnerability researches
Accept PayPal Payments using Contact Form 7 (CVE-2026-39707) , Apr 14, 2026
New vulnerability
WPGraphQL (CVE-2026-33290) , Apr 18, 2026
WPGraphQL (CVE-2026-27938) , Apr 18, 2026
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-1054) , Apr 18, 2026
Drag and Drop Multiple File Upload &#8211; Contact Form 7 (CVE-2026-5710) , Apr 18, 2026
Drag and Drop Multiple File Upload &#8211; Contact Form 7 (CVE-2026-5718) , Apr 18, 2026