Advanced Contact form 7 DB

Vulnerabilities 12Slug advanced-cf7-dbLatest version 2.1.1WordPress.org →

Minimum safe version

2.1.0

Update to 2.1.0 or later to address 12 fixable vulnerabilities

Latest available2.1.1 ✓

N/A

2026-04-09< 2.1.0

WordPress Advanced Contact form 7 DB Plugin <= 2.0.9 is vulnerable to Broken Access Control

Patchstack Wordfence CVE

N/A

2026-04-08< 2.1.0

Advanced CF7 DB <= 2.0.9 - Cross-Site Request Forgery to Form Entry Deletion

Wordfence CVE

N/A

2025-04-07< 2.0.9

Advanced Contact form 7 DB <= 2.0.8 & Import any XML, CSV or Excel File to WordPress <= 3.8.0 - Use of Vulnerable Component (PHPExcel)

Wordfence CVE

Medium 5.3

2024-06-11< 2.0.3

CVE-2024-3723

CVE Wordfence

Medium 5.3

2024-06-11< 2.0.3

CVE-2024-4319

CVE Patchstack Wordfence

N/A

2019-04-11< 1.6.1

Advanced Contact form 7 DB <= 1.6.0 - SQL Injection

Wordfence

N/A

< 1.6.1

Advanced Contact form 7 DB <= 1.6.0 - Authenticated SQL Injection

WPScan

N/A

2017-08-24< 1.1.1

WordPress Advanced Contact form 7 DB Plugin <= 1.1.0 - Authenticated Information Disclosure Vulnerability

Patchstack

N/A

2019-04-12< 1.6.1

WordPress Advanced Contact form 7 DB plugin <= 1.6.0 - Authenticated SQL Injection (SQLi) vulnerability

Patchstack

Medium 4.7

2022-05-25< 1.8.8

CVE-2022-29408

CVE Patchstack Wordfence WPScan

High 8.0

2022-03-21< 1.8.7

CVE-2021-24905

CVE Patchstack Wordfence WPScan

Critical 9.8

2020-09-22< 1.7.1

Advanced Contact Form 7 DB <= 1.6.2 - SQL Injection

Wordfence CVE Patchstack WPScan