CVE-2025-24708

Published Jan 27, 2025

Last updated 7 days ago

Overview

Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-dynamics-crm allows Reflected XSS.This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through <= 1.1.6.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Weaknesses

audit@patchstack.com
CWE-79

Social media

Hype score
Not currently trending

  1. Roundcube Webmail 1.6.14 がリリース:任意ファイル書き込みなど複数の深刻な欠陥を修正 https://t.co/kgeAu8Z23y 今回の脆弱性 CVE-2025-24708/CVE-2025-24709

    @iototsecnews

    31 Mar 2026

    157 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-24708 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor… https://t.co/BuIZ0rR17e

    @CVEnew

    27 Jan 2025

    214 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.