Log out
Get PRO

Latest

Input validation vulnerability in 27 plugins by CRM Perks

  • Severity: medium-risk
  • Status: Fixed
  • Publication: August 26, 2021

Several plugins for the WordPress Content Management System have an input validation vulnerability. This means that an attacker could trick a user into clicking on a malicious link, which could inject malicious web scripts on the page. This could result in the attacker obtaining sensitive information from the user, such as passwords and other personal data. To protect against this vulnerability, users should update their plugins to the latest version, as well as ensure that input validation and output escaping is properly implemented.

Detected in:

Connector for Gravity Forms and Google Sheets fixed vulnerable versions: >= * <= 1.1.0
Contact Form 7 Zendesk fixed vulnerable versions: >= * <= 1.0.7
Contact Form Entries – Contact Form 7, WPforms and more fixed vulnerable versions: >= * <= 1.2.1
Database for Contact Form 7, WPforms, Elementor forms fixed vulnerable versions:
Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
Integration for Contact Form 7 and Keap/Infusionsoft fixed vulnerable versions: >= * <= 1.1.3
Integration for Contact Form 7 and Mailchimp fixed vulnerable versions: >= * <= 1.1.0
Integration for Contact Form 7 and Pipedrive fixed vulnerable versions: >= * <= 1.1.0
Integration for Contact Form 7 and Salesforce fixed vulnerable versions: >= * <= 1.2.5
Integration for Contact Form 7 and Zoho CRM, Bigin fixed vulnerable versions: >= * <= 1.1.8
Integration for Gravity Forms and Pipedrive fixed vulnerable versions: >= * <= 1.0.6
Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
Integration for HubSpot and WooCommerce fixed vulnerable versions: >= * <= 1.0.4
Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms fixed vulnerable versions:
Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms fixed vulnerable versions:
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms fixed vulnerable versions:
Integration for WooCommerce and QuickBooks fixed vulnerable versions: >= * <= 1.1.8
Integration for WooCommerce and Salesforce fixed vulnerable versions: >= * <= 1.5.8
Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin fixed vulnerable versions: >= * <= 1.2.3
WP Gravity Forms Constant Contact Plugin fixed vulnerable versions: >= * <= 1.0.5
WP Gravity Forms Dynamics CRM fixed vulnerable versions: >= * <= 1.0.7
WP Gravity Forms FreshDesk Plugin fixed vulnerable versions: >= * <= 1.2.8
WP Gravity Forms HubSpot fixed vulnerable versions: >= * <= 1.0.8
WP Gravity Forms Insightly fixed vulnerable versions: >= * <= 1.0.6
WP Gravity Forms Keap/Infusionsoft fixed vulnerable versions: >= * <= 1.1.4
WP Gravity Forms Salesforce fixed vulnerable versions: >= * <= 1.2.5
WP Gravity Forms Zendesk fixed vulnerable versions: >= * <= 1.0.7
WP Gravity Forms Zoho CRM and Bigin fixed vulnerable versions: >= * <= 1.1.5
WP Infusionsoft WooCommerce Plugin fixed vulnerable versions: >= * <= 1.0.8
WP Insightly for Contact Form 7 and Ninja Forms fixed vulnerable versions: >= * <= 1.0.8
WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms fixed vulnerable versions:
WP Keap/Infusionsoft WooCommerce Plugin fixed vulnerable versions:
WP Mailchimp for Contact Form 7, WPForms, Elementor and Ninja Forms fixed vulnerable versions:
WP Salesforce for Contact Form 7, WPforms, Elementor and Ninja Forms fixed vulnerable versions:
WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms fixed vulnerable versions:
WP Zoho for Contact Form 7, WPforms, Elementor and Ninja Forms – CRM, Bigin fixed vulnerable versions:
WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms – CRM, Bigin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.