Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)
CPE | Name | Operator | Version |
---|---|---|---|
contact_form_submissions | lt | 1.7.1 |