Send PDF for Contact Form 7, f10734a1ded3f4fb4bf97398bf82b8041b3ec077

CVE, Research URL: f10734a1ded3f4fb4bf97398bf82b8041b3ec077
Home page URL: Security reports for Send PDF for Contact Form 7
Application: Send PDF for Contact Form 7
Published on: Jun 19, 2022
Research Description: Send PDF for Contact Form 7 [send-pdf-for-contact-form-7] < 0.9.2 (closed) Send PDF for Contact Form 7 <= 0.9.1 - Multiple Cross-Site Scripting The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 0.9.1 due to insufficient input sanitization and output escaping on multiple parameters. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.
Affected versions: Min -, max 0.9.2.
Status: vulnerable