cleantalk
Vulnerabilities and Security Researches

Redirection for Contact Form 7, CVE-2022-0250

CVE, Research URL

CVE-2022-0250

Home page URL

Security reports for Redirection for Contact Form 7

Application

Redirection for Contact Form 7

Published on
Jul 04, 2022
Research Description
The Redirection for Contact Form 7 WordPress plugin before 2.5.0 does not escape a link generated before outputting it in an attribute, leading to a Reflected Cross-Site Scripting
Affected versions
Min -, max 2.5.0.
Status
vulnerable
Previous vulnerability researches
Redirection for Contact Form 7 (CVE-2023-39920) , Jun 10, 2024
Redirection for Contact Form 7 (CVE-2022-4974) , Nov 14, 2024
Redirection for Contact Form 7 (CVE-2025-8141) , Aug 20, 2025
Redirection for Contact Form 7 (CVE-2025-8289) , Aug 20, 2025
Redirection for Contact Form 7 (CVE-2025-8145) , Aug 20, 2025
New vulnerability
PHP Compatibility Checker , Aug 21, 2025
Infility Global (CVE-2025-47650) , Aug 21, 2025
Contact Manager (CVE-2025-8783) , Aug 21, 2025
Custom Comment (CVE-2025-49889) , Aug 20, 2025
Awesome Support – WordPress HelpDesk & Support Plugin (CVE-2025-53340) , Aug 20, 2025