Advanced Contact form 7 DB <= 1.6.1 - SQL Injection

Affects Plugin

fixed in version 1.7.1

References

CVE 2019-13571
URL https://fortiguard.com/zeroday/FG-VD-19-093

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Original Researcher Tin Duong of Fortinet's FortiGuard Labs
Views 3333
Verified No
WPVDB ID 9479

Timeline

Publicly Published 2019-07-26 (about 1 month ago)
Added 2019-07-26 (30 days ago)
Last Updated 2019-07-26 (30 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin