cleantalk
Vulnerabilities and Security Researches

WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin, CVE-2025-49330

CVE, Research URL

CVE-2025-49330

Home page URL

Security reports for WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin

Application

WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin

Published on
Jun 17, 2025
Research Description
Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin cf7-zoho allows Object Injection.This issue affects Integration for Contact Form 7 and Zoho CRM, Bigin: from n/a through <= 1.3.0.
Affected versions
max 1.3.1.
Status
vulnerable
Previous vulnerability researches
MDJM Event Management (CVE-2025-52824) , Jul 03, 2025
MDJM Event Management (CVE-2025-22714) , Jan 26, 2025
MDJM Event Management (CVE-2025-31074) , Apr 02, 2025
MDJM Event Management (CVE-2026-1650) , Apr 14, 2026
MDJM Event Management (CVE-2026-7537) , Jun 07, 2026
New vulnerability
Remove Duplicate Posts (CVE-2023-33999) , Jun 13, 2026
Instant Page Load (CVE-2023-33999) , Jun 13, 2026
Elementor Website Builder – More than Just a Page Builder (CVE-2025-67588) , Jun 13, 2026
Elementor Website Builder – More than Just a Page Builder (CVE-2025-11220) , Jun 13, 2026
Floating Social Share Icons and Social Share buttons &#8211; Next Previous Post Links &#8211; FL (CVE-2023-33999) , Jun 13, 2026