Crmperks: >> Database For Contact Form 7, Wpforms, Elementor Forms >> 1.0.7 Security Vulnerabilities
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-01-16
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.8.
CVSS Score
4.7
EPSS Score
0.002
Published
2023-12-29
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-10-31