Qube One Redirection for Contact Form 7 Plugin Unauthenticated Options Change and Content Injection Vulnerability

Qube One Redirection for Contact Form 7 Plugin Unauthenticated Options Change and Content Injection Vulnerability

CVE-2021-36913 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension (plugin) AccessiBe.

Learn more about our Wordpress Pen Testing.