Ultimate Addons for Contact Form 7
Themefic
Developer
3.5.32
Latest version
60,000
Installations
Nov 9, 2025
Last updated
Vulnerability history
0 present
8 fixed
5 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via UACF7_CUSTOM_FIELDS Shortcode vulnerability<= 3.5.21Jun 30, 2025
- Unauthenticated Stored Cross-Site Scripting vulnerability3.5.11-3.5.19Jun 26, 2025
- Authenticated (Administrator+) Arbitrary File Upload via 'save_options' vulnerability<= 3.5.12Jun 18, 2025
- Unauthenticated Cross Site Scripting (XSS) vulnerability<= 3.2.0Dec 4, 2023
- Broken Access Control vulnerability<= 3.2.6Nov 9, 2023
- Reflected Cross Site Scripting (XSS) vulnerability<= 3.2.0Aug 28, 2023
- SQL Injection<= 3.1.23May 9, 2023
- SQL Injection vulnerability<= 3.1.23Apr 24, 2023