CyberSec.Space Logo
CVEブラウザに戻る

CVE-2026-23970

HIGH
7.1
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile33.84th
Published2026年6月15日
Last Modified2026年6月15日

Vulnerability Description

Unauthenticated Cross Site Scripting (XSS) in Redirection for Contact Form 7 <= 3.2.8 versions.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://patchstack.com/database/wordpress/plugin/wpcf7-redirect/vulnerability/wordpress-redirection-for-contact-form-7-plugin-3-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve

関連する脆弱性情報

CVE-2026-361110.0

The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default co...

CVE-2026-2018210.0

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after ...

CVE-2026-2012710.0

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN M...

CVE-2026-1052010.0

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenti...