cleantalk
Vulnerabilities and Security Researches

Contact Form 7 Round Robin Lead Distribution, CVE-2025-23812

CVE, Research URL

CVE-2025-23812

Home page URL

Security reports for Contact Form 7 Round Robin Lead Distribution

Application

Contact Form 7 Round Robin Lead Distribution

Published on
Jan 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Contact Form 7 Round Robin Lead Distribution allows Reflected XSS. This issue affects Contact Form 7 Round Robin Lead Distribution: from n/a through 1.2.1.
Affected versions
Min -, max 1.2.1.
Status
vulnerable
Previous vulnerability researches
Connect Contact Form 7 to Constant Contact (CVE-2024-54343) , Dec 14, 2024
Coinbase Commerce for Contact Form 7 (5f306a2af239dc538b6d1cc42b33064c123ce817) , Jun 06, 2024
Contact Form 7 Round Robin Lead Distribution (CVE-2025-23812) , Jan 24, 2025
Contact Form 7 Round Robin Lead Distribution (CVE-2025-23784) , Jan 21, 2025
Contact Form 7 Anti Spambot (CVE-2025-23862) , Jan 18, 2025
New vulnerability
My Reservation System (CVE-2025-7022) , Aug 02, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-54682) , Aug 02, 2025
Content Egg (CVE-2025-47536) , Aug 02, 2025
Smart Slider 3 (CVE-2025-6348) , Aug 02, 2025
Realtyna Organic IDX plugin + WPL Real Estate (CVE-2025-54052) , Aug 02, 2025