WordPress Plugin Vulnerabilities

CF7 Google Sheets Connector < 5.0.18 - Missing Authorization

Description

The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 5.0.17. This makes it possible for unauthenticated attackers to perform an unauthorized action.

Affects Plugins

References

Classification

Type
NO AUTHORISATION
CWE

Miscellaneous

Original Researcher
theviper17y
Verified
No

Timeline

Publicly Published
2025-01-31 (about 1 year ago)
Added
2025-02-03 (about 1 year ago)
Last Updated
2025-02-03 (about 1 year ago)

Other