WordPress · Contact Form 7 · CVE-2023-24420
**Name of the Vulnerable Software and Affected Versions**
Contact Form 7 plugin versions <= 1.1.1
**Description**
The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in the Admin side data storage of the Contact Form 7 plugin. This vulnerability allows for reflected cross-site scripting attacks.
**Recommendations**
For versions <= 1.1.1, update to a version that contains a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.