Primary

Context

Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Full Path Disclosure Vulnerability

Vulnerability

Patched

A full path disclosure vulnerability has been identified in the Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin for WordPress, affecting all versions through 1.4.4. This vulnerability allows unauthenticated attackers to access the full path of the web application, potentially facilitating further attacks. While the disclosed information is not immediately harmful, it could be exploited in conjunction with other vulnerabilities to damage the affected website.

Impact

Exploitation of this vulnerability could lead to unauthorized exposure of the full server path, which may assist in launching additional attacks against the website.

Remediation

Users are advised to update the plugin to version 1.4.5 or a later patched version.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.6

impact

0.6

exploitability

8.2

remediation

7.7

relevance

0.1

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.6

impact

0.6

exploitability

8.2

remediation

7.7

relevance

0.1

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Full Path Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CRM Perks Integration for Salesforce

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating