Skip to main content

Cf7 Views 8211 Complete Entry Management For Contact Form 7

1 CVEs product

Monthly

CVE-2026-57411 HIGH This Week

DOM-based cross-site scripting in the WordPress plugin CF7 Views - Complete Entry Management for Contact Form 7 (by Aman) affects all versions from an unspecified start through 3.2.2, letting a remote attacker who lures a user into interacting with a crafted link or page execute arbitrary JavaScript in that user's browser session. The flaw carries a CVSS 3.1 base score of 7.1 with a scope change (S:C), reflecting that script executes outside the vulnerable component's security context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the issue was disclosed via Patchstack.

XSS Cf7 Views 8211 Complete Entry Management For Contact Form 7
NVD VulDB
CVSS 3.1
7.1
EPSS
0.3%
EPSS 0% CVSS 7.1
HIGH This Week

DOM-based cross-site scripting in the WordPress plugin CF7 Views - Complete Entry Management for Contact Form 7 (by Aman) affects all versions from an unspecified start through 3.2.2, letting a remote attacker who lures a user into interacting with a crafted link or page execute arbitrary JavaScript in that user's browser session. The flaw carries a CVSS 3.1 base score of 7.1 with a scope change (S:C), reflecting that script executes outside the vulnerable component's security context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the issue was disclosed via Patchstack.

XSS Cf7 Views 8211 Complete Entry Management For Contact Form 7
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy