Vulnerability Details CVE-2021-36913
Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension (plugin) AccessiBe.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 7.5
References
- https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-4-0-unauthenticated-options-change-vulnerability?_s_id=cve
- https://wordpress.org/plugins/wpcf7-redirect/#developers
- https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-4-0-unauthenticated-options-change-vulnerability?_s_id=cve
- https://wordpress.org/plugins/wpcf7-redirect/#developers
Products affected by CVE-2021-36913
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.0.0
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.0.2
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.2
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.4
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.5
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.6
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.7
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.8
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.2.9
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.0
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.1
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.2
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.3
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.4
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.6
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:1.3.7
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.0
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.1
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.2
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.3
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.4
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.5
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.6
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.7
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.8
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.2.9
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.1
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.2
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.3
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.4
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.5
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.6
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.3.7
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.4.0
-
cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:2.5.0