Sevenspark Contact Form 7 – Dynamic Text Extension
4 CVEs affecting Sevenspark Contact Form 7 – Dynamic Text Extension. Latest disclosed: 2025-12-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-63068 | Medium | 5.3 | 2025-12-09 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-… |
CVE-2024-56218 | Medium | 4.3 | 2024-12-31 | Cross-Site Request Forgery (CSRF) vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site R… |
CVE-2024-10084 | Medium | 4.3 | 2024-11-05 | The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via th… |
CVE-2023-6630 | Medium | 4.3 | 2024-01-11 | The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0… |