The Live Preview for Contact Form 7 plugin for WordPress has a security vulnerability in versions up to, and including, 1.2.0. This means that people with a subscriber-level account or higher can change the settings of the plugin without authorization. This could be used to do things like change the contact form settings without permission.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
