WordPress Contact Form 7 Database CFDB7 SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in the WordPress plugin Contact Form 7 Database – CFDB7, affecting versions through 1.0.0. This vulnerability allows for improper neutralization of special elements used in SQL commands, enabling malicious actors to manipulate database queries.
Impact
Exploitation of this vulnerability could allow attackers to interact directly with the database, potentially leading to unauthorized data access or manipulation.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
5.0exploitability
4.8remediation
0.0relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.