Contact Form 7 – Dynamic Text Extension — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in Contact Form 7 – Dynamic Text Extension, with AI-generated Chinese analysis, references, and POCs.

Vendor: sevenspark

CVE ID	Title	CVSS	Severity	Published
CVE-2025-63068	WordPress Contact Form 7 Dynamic Text Extension plugin <= 5.0.5 - Content Injection vulnerability CWE-80	6.1^AI	Medium^AI	2025-12-09
CVE-2024-56218	WordPress Contact Form 7 - Dynamic Text Extension plugin <= 5.0.1 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	4.3	Medium	2024-12-31
CVE-2024-10084	Contact Form 7 – Dynamic Text Extension <= 4.5 - Information Disclosure via Shortcode CWE-200	4.3	Medium	2024-11-05
CVE-2023-6630	Contact Form 7 – Dynamic Text Extension <= 4.1.0 - Insecure Direct Object Reference CWE-359	4.3	Medium	2024-01-11

All 4 known CVE vulnerabilities affecting Contact Form 7 – Dynamic Text Extension with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

Contact Form 7 – Dynamic Text Extension — Vulnerabilities & Security Advisories 4