Medium 6.1
2026-05-01< 1.1.17
CVE-2024-13362
Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent
Minimum safe version
1.3.33
Update to 1.3.33 or later to address 18 fixable vulnerabilities
Latest available1.2.9 ✗⚠ 1 vulnerability has no fix
High 8.5
2026-03-05< 1.2.4
CVE-2026-27373
High 8.8
2026-02-19< 1.2.2
CVE-2025-12845
Medium 4.3 Unfixed
2026-01-26≤ 1.2.7
Tablesome <= 1.2.8 - Missing Authorization
Medium 5.0
2025-12-24< 1.1.35.2
CVE-2025-68516
Medium 5.4
2025-12-24< 1.1.35.2
CVE-2025-68517
Medium 4.3
2025-12-09< 1.1.35.1
CVE-2025-66526
Critical 9.8
2025-11-03< 1.3.33
WordPress Tablesome Plugin <= 1.1.32 is vulnerable to Arbitrary File Upload
Medium 6.3
2024-10-16< 0.6.7
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 5.3
2024-07-10< 1.0.34
CVE-2024-37498
Medium 4.3
2024-04-15< 1.0.26
CVE-2024-31388
High 7.1
2024-03-19< 1.0.28
CVE-2024-29110
N/A
2023-07-18< 1.0.15
WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database (CFDB7) Plugin Plugin < 1.0.15 is vulnerable to Cross Site Scripting (XSS)
Medium 6.1
2023-05-15< 1.0.9
CVE-2023-1890
N/A
2023-04-19< 1.0.9
WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database (CFDB7) Plugin Plugin < 1.0.9 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-04-19< 1.0.9
Tablesome <= 1.0.8 - Reflected Cross-Site Scripting
N/A
2022-03-04< 0.6.7
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 0.6.7
WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database (CFDB7) Plugin plugin < 0.6.7 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 0.6.7
WordPress Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database (CFDB7) Plugin plugin < 0.6.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability