Reflected XSS Vulnerability in Table & Contact Form 7 Database
CVE-2024-29110

7.1HIGH

Key Information:

Vendor: WordPress
Status: Table & Contact Form 7 Database – Tablesome
Vendor: CVE Published:; 19 March 2024

What is CVE-2024-29110?

The vulnerability identified pertains to improper neutralization of input during web page generation, commonly referred to as Cross-site Scripting (XSS). This security flaw allows an attacker to exploit the Pauple Table & Contact Form 7 Database by crafting malicious scripts that could be executed within the context of the user's browser. As a result, this vulnerability poses potential risks such as session hijacking, data manipulation, and unauthorized actions. Affected users should apply necessary patches and updates to mitigate the risks associated with versions up to 1.0.27.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Table & Contact Form 7 Database – Tablesome <= 1.0.27

References

https://patchstack.com/database/vulnerability/tablesome/w...

vdb-entry

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Mar 19, 2024
Vulnerability Reserved
Mar 15, 2024

Credit

Jean Tirstan T (Patchstack Alliance)

JSON

WordPress