CVE-2023-31212 Information

Description

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in CRM Perks Database for Contact Form 7 WPforms Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7 WPforms Elementor forms: from n/a through 1.3.0.

Reference

https://patchstack.com/database/vulnerability/contact-form-entries/wordpress-contact-form-entries-plugin-1-3-0-auth-sql-injection-sqli-vulnerability?_s_id=cve