CVE-2021-36913

Description

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension (plugin) AccessiBe.

References

https://wordpress.org/plugins/wpcf7-redirect/#developers

https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-4-0-unauthenticated-options-change-vulnerability?_s_id=cve

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3