CVE-2025-22331

Name of the Vulnerable Software and Affected Versions Cf7Save Extension versions prior to 1

Description The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting (XSS). This enables attackers to inject malicious scripts into web pages.

Recommendations For versions prior to 1, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Avoid using potentially vulnerable features in the Cf7Save Extension until the issue is resolved.