Rocklobsterinc Contact Form 7
3 CVEs affecting Rocklobsterinc Contact Form 7. Latest disclosed: 2025-04-16. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6449 | Medium | 6.6 | 2023-12-01 | The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'validate' function and insuffi… |
CVE-2024-2242 | Medium | 6.1 | 2024-03-13 | The Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘active-tab’ parameter in all versions up to, and including, 5… |
CVE-2025-3247 | Medium | 5.3 | 2025-04-16 | The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 6.0.5 via the 'wpcf7_stripe_skip_spam_check' functi… |