Make WordPress Core

Opened 18 months ago

Closed 18 months ago

Last modified 18 months ago

#55982 closed defect (bug) (invalid)

Advanced Contact form 7 DB - Plugin Security Check

Reported by: vsourz1td's profile vsourz1td Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Security Keywords:
Focuses: Cc:


Hello Support

From the last few days we are getting the security warning "Cross-Site Scripting (XSS)" on our plugin Advanced Contact form 7 DB (

However we have scanned this plugin code and didn't find any issue on our code, can you guys please test the code of our plugin and provide us the vulnerability details.


Change History (4)

#1 @anonymized_17160716
18 months ago

Hello @vsourz1td,

On March 1, I tried to contact you to provide all the necessary data regarding the discovered vulnerability. In return I received only an autoresponder message, and that's it, no more updates from your side.

On May 25 all the information about this issue was emailed to the WordPress Plugins team.

#2 @fierevere
18 months ago

  • Resolution set to invalid
  • Severity changed from critical to normal
  • Status changed from new to closed


This trac is for WordPress core, it does not cover 3rd party plugins and themes.

For any issues please contact theme or plugin authors using their available contacts or use their plugin support forum section.

#3 @fierevere
18 months ago

If you are plugin author, then please use plugins@… to reach plugin review team or use Slack #pluginreview channel

#4 @desrosj
18 months ago

  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.