cleantalk
Vulnerabilities and Security Researches

Contact Form 7 Database Addon – CFDB7, CVE-2021-24144

CVE, Research URL

CVE-2021-24144

Home page URL

Security reports for Contact Form 7 Database Addon – CFDB7

Application

Contact Form 7 Database Addon – CFDB7

Published on
Mar 18, 2021
Research Description
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files.
Affected versions
max 1.2.5.6.
Status
vulnerable
Previous vulnerability researches
Contact Form 7 Database Addon – CFDB7 (CVE-2021-36885) , Jun 07, 2024
Contact Form 7 Database Addon – CFDB7 (CVE-2021-24144) , Jun 07, 2024
Contact Form 7 Database Addon – CFDB7 (CVE-2022-3634) , Jun 07, 2024
Contact Form 7 Database Addon – CFDB7 (CVE-2021-36886) , Jun 07, 2024
Contact Form 7 Database Addon – CFDB7 (CVE-2024-3870) , Jun 07, 2024
New vulnerability
Contact Form 7 Database Addon – CFDB7 , Feb 17, 2026
GoSMTP – SMTP for WordPress , Feb 17, 2026
User Role Editor , Feb 16, 2026
Post Types Order , Feb 11, 2026
Code Snippets , Feb 09, 2026