WordPress Plugin Vulnerabilities

Redirection for Contact Form 7 < 2.5.0 - Reflected Cross-Site Scripting

Description

The plugin does not escape a link generated before outputting it in an attribute, leading to a Reflected Cross-Site Scripting

Proof of Concept

Affects Plugins

Plugin icon
wpcf7-redirect
Fixed in 2.5.0

References

CVE
CVE-2022-0250

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
ZhongFu Su(JrXnm) of Wuhan University
Submitter
ZhongFu Su(JrXnm) of Wuhan University
Submitter website
https://blog.szfszf.top
Submitter twitter
JrXnm
Verified
Yes
WPVDB ID
05700942-3143-4978-89eb-814ceff74867

Timeline

Publicly Published
2022-03-07 (about 3 years ago)
Added
2022-06-07 (about 3 years ago)
Last Updated
2023-03-10 (about 2 years ago)

Other

Published
Title
Published
2021-06-25
Title
Paid Membership Pro < 2.5.10 - Cross-Site Scripting (XSS)
Published
2025-01-23
Title
Listamester < 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-11-16
Title
Quick Call Button <= 1.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
Published
2024-09-30
Title
Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin < 1.28 - Authenticated (Editor+) Stored Cross-Site Scripting
Published
2014-08-01
Title
podPress 8.8.10.13 - players/1pixelout/1pixelout_player.swf playerID Parameter XSS