WordPress · Contact Form Submissions · CVE-2021-24125
Name of the Vulnerable Software and Affected Versions:
Contact Form Submissions WordPress plugin versions 1.6.4 and earlier
Contact Form Submissions WordPress plugin versions prior to 1.7.1
Description:
The issue arises from unvalidated input in the Contact Form Submissions WordPress plugin, which could lead to SQL injection via the `wpcf7_contact_form` GET parameter when a high-privilege user (admin+) submits a filter request.
Recommendations:
For versions 1.6.4 and earlier, update to version 1.7.1 or later.
For versions prior to 1.7.1, update to version 1.7.1 or later.
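A log review check for the parameter named in the description, added here as an example and not part of the original advisory or the plugin's code: it flags requests whose `wpcf7_contact_form` value is not purely numeric. The expectation that a legitimate filter value is a numeric form ID, the combined log format, the `post_type=EXAMPLE` placeholder and the sample lines are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

PARAM = "wpcf7_contact_form"
# Assumption: a legitimate filter value is a numeric form ID, or empty (no filter).
VALID_VALUE = re.compile(r"\d*")
# Request part of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (not taken from a real site).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Mar/2021:10:00:00 +0000] '
    '"GET /wp-admin/edit.php?post_type=EXAMPLE&wpcf7_contact_form=12 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [01/Mar/2021:10:00:07 +0000] '
    '"GET /wp-admin/edit.php?post_type=EXAMPLE&wpcf7_contact_form=1%20OR%201%3D1 HTTP/1.1" 200 9001',
    '203.0.113.5 - - [01/Mar/2021:10:00:09 +0000] '
    '"GET /wp-admin/index.php HTTP/1.1" 200 2048',
    '203.0.113.5 - - [01/Mar/2021:10:00:12 +0000] '
    '"GET /wp-admin/edit.php?post_type=EXAMPLE&wpcf7_contact_form= HTTP/1.1" 200 5120',
]


def suspicious_values(line):
    """Return the decoded values of PARAM in one log line that are not numeric."""
    match = REQUEST.search(line)
    if not match:
        return []
    query = urlsplit(match.group(1)).query
    # parse_qs percent-decodes values, so encoded payloads are compared in clear form.
    values = parse_qs(query, keep_blank_values=True).get(PARAM, [])
    return [v for v in values if not VALID_VALUE.fullmatch(v)]


def scan(lines):
    """Return (line_number, decoded_value) for every non-numeric PARAM value."""
    return [(n, v) for n, line in enumerate(lines, 1) for v in suspicious_values(line)]


if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: non-numeric {PARAM} value: {value!r}")
```

Because the description ties the issue to filter requests from admin-level users, a hit is also a reason to review that administrator account's session activity.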