Contact Form 7 Dynamic Text Extension
Approved changes feed: RSS · Atom
cpe:2.3:a:sevenspark:contact_form_7_-_dynamic_text_extension:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Sevenspark (62fa559c-0057-540d-b481-a3de3ea4d2e0) |
|---|---|
| Product | Contact Form 7 Dynamic Text Extension (22b739c5-7c8b-56f6-b8a9-4dc778a3ed09) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-10084 |
vulnerable | 2026-06-08 06:22:03.543989 |
Contact Form 7 – Dynamic Text Extension <= 4.5 - Information Disclosure via Shortcode
MEDIUM (4.3)
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract the titles and text contents of private and password-protected posts, they do not own.
Published: 2024-11-05T21:29:17.783Z
Updated: 2026-04-08T17:28:41.027Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.