Contact Form Submissions < 1.7.1 - Authenticated SQL Injection
CVE-2021-24125
7.2HIGH
What is CVE-2021-24125?
Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)
Affected Version(s)
Contact Form Submissions 1.7.1