cleantalk
Vulnerabilities and Security Researches

Submission DOM tracking for Contact Form 7, CVE-2025-47626

CVE, Research URL

CVE-2025-47626

Home page URL

Security reports for Submission DOM tracking for Contact Form 7

Application

Submission DOM tracking for Contact Form 7

Published on
May 07, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Submission DOM tracking for Contact Form 7 allows Stored XSS. This issue affects Submission DOM tracking for Contact Form 7: from n/a through 2.0.
Affected versions
Min -, max 2.0.
Status
vulnerable
Previous vulnerability researches
WP Mailster (CVE-2024-53737) , Nov 26, 2024
WP Mailster (CVE-2024-53805) , May 06, 2025
WP Mailster (CVE-2024-53804) , May 06, 2025
WP Mailster (CVE-2025-24598) , May 06, 2025
WP Mailster (CVE-2024-53803) , May 06, 2025
New vulnerability
WP jQuery DataTable (CVE-2025-47605) , May 09, 2025
Credova Financial (CVE-2025-47674) , May 09, 2025
Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor (CVE-2025-47617) , May 09, 2025
XT Event Widget for Social Events (CVE-2025-47531) , May 09, 2025
SKT Skill Bar (CVE-2025-47482) , May 09, 2025