The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is not secure in versions up to 1.9.3. This means that someone who is not logged in can use a fake link to try and make an administrator of the website do something they did not plan to. This is due to the plugin not properly checking if the link is real or not.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
