Skip to main content

Generate Pdf Using Contact Form 7

3 CVEs product

Monthly

CVE-2024-6317 HIGH This Week

The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP CSRF WordPress RCE +1
NVD
CVSS 3.1
8.8
EPSS
6.0%
CVE-2024-6316 HIGH This Week

The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload WordPress RCE CSRF Generate Pdf Using Contact Form 7
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2022-3070 MEDIUM POC This Month

The Generate PDF WordPress plugin before 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Generate Pdf Using Contact Form 7
NVD WPScan
CVSS 3.1
4.8
EPSS
0.5%
EPSS 6% CVSS 8.8
HIGH This Week

The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP CSRF +3
NVD
EPSS 3% CVSS 8.8
HIGH This Week

The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload WordPress RCE +2
NVD
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Generate PDF WordPress plugin before 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Generate Pdf Using Contact Form 7
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy