Redirection for Contact Form 7
Themeisle
Developer
3.2.7
Latest version
300,000
Installations
Oct 15, 2025
Last updated
Vulnerability history
0 present
15 fixed
12 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via qs_date Shortcode vulnerability<= 3.2.6Oct 18, 2025
- Unauthenticated Arbitrary File Deletion vulnerability<= 3.2.4Aug 19, 2025
- Unauthenticated PHP Object Injection via PHAR Deserialization vulnerability<= 3.2.4Aug 19, 2025
- Unauthenticated PHP Object Injection vulnerability<= 3.2.4Aug 19, 2025
- Broken Access Control vulnerability<= 2.9.2Oct 3, 2023
- Reflected Cross Site Scripting (XSS) vulnerability< 2.9.2Jul 18, 2023
- Privilege Escalation vulnerability<= 2.7.0Feb 6, 2023
- Unauthenticated Options Change and Content Injection vulnerability<= 2.4.0Sep 29, 2022
- Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability< 2.5.0Feb 28, 2022
- Sensitive Information Disclosure vulnerability< 2.5.0Feb 28, 2022
- Unauthenticated Arbitrary Nonce Generation vulnerability<= 2.3.3Apr 20, 2021
- Authenticated Arbitrary Plugin Installation vulnerability<= 2.3.3Apr 20, 2021
- Authenticated PHP Object Injection vulnerability<= 2.3.3Apr 20, 2021
- Authenticated Arbitrary Post Deletion vulnerability<= 2.3.3Apr 20, 2021
- Unprotected AJAX Actions vulnerability<= 2.3.3Apr 20, 2021