CVE-2021-24125

Publication date

2021-03-18 14:57:48

Family

WPScan

State

PUBLISHED

Description

Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)