cleantalk
Vulnerabilities and Security Researches

Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks, CVE-2025-24726

CVE, Research URL

CVE-2025-24726

Home page URL

Security reports for Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks

Application

Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks

Published on
Jan 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Conctact Form 7 allows Stored XSS. This issue affects HT Conctact Form 7: from n/a through 1.2.1.
Affected versions
Min -, max 1.2.2.
Status
vulnerable
Previous vulnerability researches
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-24726) , Jan 25, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-7340) , Jul 18, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-7341) , Jul 18, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-7360) , Jul 18, 2025
Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks (CVE-2025-54015) , Jul 18, 2025
New vulnerability
Wallet System for WooCommerce – Digital Wallet, Cashback Rewards, Recharge User Wallets, View Transaction History (CVE-2025-54041) , Jul 19, 2025
Chatbox Manager (CVE-2025-48167) , Jul 19, 2025
Zuppler Online Ordering (CVE-2025-6053) , Jul 19, 2025
Counter live visitors for WooCommerce (CVE-2025-7359) , Jul 19, 2025
AntiSpam for Contact Form 7 (CVE-2025-54020) , Jul 19, 2025