cleantalk
Vulnerabilities and Security Researches

Advanced Contact form 7 DB, CVE-2014-2054

CVE, Research URL

CVE-2014-2054

Home page URL

Security reports for Advanced Contact form 7 DB

Application

Advanced Contact form 7 DB

Published on
Jun 04, 2014
Research Description
PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, does not disable external entity loading in libxml, which allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Affected versions
Min -, max 2.0.9.
Status
vulnerable
Previous vulnerability researches
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress , Jul 24, 2024
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress (CVE-2022-1961) , Jun 07, 2024
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress (CVE-2022-1707) , Jun 07, 2024
New vulnerability
Administrator Z (CVE-2025-39598) , May 06, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2025-46264) , May 06, 2025
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, P (CVE-2022-4974) , May 06, 2025
WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto (CVE-2024-10260) , May 06, 2025
WP Adminify – WordPress Dashboard Customization | Custom Login | Admin Columns | Dashboard Widget | Media Library Folders (CVE-2022-4974) , May 06, 2025