CVE-2025-6756 | Ultra Addons for Contact Form 7 Plugin up to 3.5.21 on WordPress Shortcode UACF7_CUSTOM_FIELDS cross site scripting

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability classified as problematic has been found in Ultra Addons for Contact Form 7 Plugin up to 3.5.21 on WordPress. This affects the function UACF7_CUSTOM_FIELDS of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-6756. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-6756 | Ultra Addons for Contact Form 7 Plugin up to 3.5.21 on WordPress Shortcode UACF7_CUSTOM_FIELDS cross site scripting

Post correlati

CVE-2024-12918 | Agito Computer Health4All prior 10.01.2025 sql injection

CVE-2024-9909 | D-Link DIR-619L B1 2.06 /goform/formSetMuti curTime buffer overflow

CVE-2025-27418 | LabRedesCefetRJ WeGIA up to 3.2.15 adicionar_tipo_atendido.php tipo cross site scripting

CVE-2024-12121 | Broken Link Checker Plugin up to 2.5.0 on WordPress server-side request forgery