Monday, February 7, 2022

WordPress International SMS For Contact Form 7 Integration 1.2 XSS

# Exploit Title: WordPress Plugin International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting (XSS)
# Date: 2022-02-04
# Author: Milad karimi
# Software Link:
# Version: 1.2
# Tested on: Windows 11
# CVE: N/A

1. Description:
This plugin creates a cf7-international-sms-integration from any post types. The slider import search feature and tab parameter via plugin settings are vulnerable to reflected cross-site scripting.

2. Proof of Concept:

//By [Ex3ptionaL]

Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore