Extensions For CF7 — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Extensions For CF7, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-24991	WordPress Extensions For CF7 plugin <= 3.4.0 - Insecure Direct Object References (IDOR) vulnerability CWE-639	5.3	Medium	2026-02-03
CVE-2025-24695	WordPress Extensions For CF7 Plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability CWE-918	4.4	Medium	2025-01-24
CVE-2024-29102	WordPress Extensions For CF7 plugin <= 3.0.6 - Unauthenticated Cross Site Scripting (XSS) vulnerability CWE-79	7.1	High	2024-03-19

All 3 known CVE vulnerabilities affecting Extensions For CF7 with full Chinese analysis, references, and POCs where available.