CVE-2025-24708
WordPress WP Dynamics CRM plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-dynamics-crm allows Reflected XSS.This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through <= 1.1.6.
| CWE | CWE-79 |
| Vendor | crm perks |
| Product | wp dynamics crm for contact form 7, wpforms, elementor, formidable and ninja forms |
| Published | Jan 27, 2025 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for crm perks wp dynamics crm for contact form 7, wpforms, elementor, formidable and ninja forms
Be the first to know when new unknown vulnerabilities affecting crm perks wp dynamics crm for contact form 7, wpforms, elementor, formidable and ninja forms are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
CRM Perks / WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms
0 โค 1.1.6
References
Credits
Abdi Pranata | Patchstack Bug Bounty Program