Medium 5.3 Unfixed
2025-12-09≤ 5.0.5
CVE-2025-63068
Contact Form 7 – Dynamic Text Extension
Minimum safe version
5.0.2
Update to 5.0.2 or later to address 8 fixable vulnerabilities
Latest available5.0.5 ✓⚠ 1 vulnerability has no fix
Medium 4.3
2024-12-31< 5.0.2
CVE-2024-56218
Medium 4.3
2024-11-05< 4.5.1
CVE-2024-10084
Medium 4.3
2024-01-11< 4.2.0
CVE-2023-6630
N/A
2023-01-20< 3.0.0
WordPress Contact Form 7 Dynamic Text Extension Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-01-19< 3.0.0
Contact Form 7 Dynamic Text Extension <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
N/A
2019-07-24< 2.0.3
Contact Form 7 Dynamic Text Extension < 2.0.3 - Reflected Cross-Site Scripting
N/A
< 2.0.3
Contact Form 7 Dynamic Text Extension <= 2.0.2.1 - Reflected XSS
N/A
2019-07-26< 2.0.3
WordPress Contact Form 7 Dynamic Text Extension plugin <= 2.0.2.1 - Reflected Cross-Site Scripting (XSS) vulnerability