Log out
Get PRO

Latest

Input validation vulnerability in Integration for Contact Form 7 and Salesforce 1.3.3

  • Severity: high-risk
  • Status: Fixed
  • Publication: July 13, 2023

The Integration for Contact Form 7 and Salesforce plugin for WordPress is vulnerable to a security issue called Open Redirect. Versions up to and including 1.3.3 of the plugin are affected. Attackers can use this vulnerability to redirect users to malicious sites if they can trick them into performing an action. This is because the plugin does not adequately validate a user-supplied parameter.

Detected in:

Integration for Contact Form 7 and Salesforce fixed vulnerable versions: >= * <= 1.3.3
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms fixed vulnerable versions:
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
WP Salesforce for Contact Form 7, WPforms, Elementor and Ninja Forms fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.