cleantalk
Vulnerabilities and Security Researches

Accept PayPal Payments using Contact Form 7, CVE-2026-39707

CVE, Research URL

CVE-2026-39707

Home page URL

Security reports for Accept PayPal Payments using Contact Form 7

Application

Accept PayPal Payments using Contact Form 7

Published on
Apr 08, 2026
Research Description
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through <= 4.0.4.
Affected versions
max 4.0.5.
Status
vulnerable
Previous vulnerability researches
Simple GDPR Cookie Compliance (CVE-2026-24604) , Jan 27, 2026
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2019-25143) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (7d5b4ba83a5c6004460bf267fe534a359e1416b0) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2023-4013) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1621) , Mar 14, 2025
New vulnerability
RegistrationMagic &#8211; Custom Registration Forms, User Registration, Payment, and User Login (CVE-2026-1054) , Apr 18, 2026
Drag and Drop Multiple File Upload &#8211; Contact Form 7 (CVE-2026-5710) , Apr 18, 2026
Drag and Drop Multiple File Upload &#8211; Contact Form 7 (CVE-2026-5718) , Apr 18, 2026
ELEX WordPress HelpDesk &amp; Customer Ticketing System (CVE-2025-9343) , Apr 18, 2026
WP Customer Area (CVE-2026-3464) , Apr 18, 2026