CVE-2025-6212
Published
CVSS v3: 7.2 (HIGH)
CVSS v2: N/A
Affected: 1 project
Description
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database module in versions 3.5.11 to 3.5.19 due to insufficient input sanitization and output escaping. The unfiltered field names are stored alongside the sanitized values. Later, the admin-side AJAX endpoint ajax_get_table_data() returns those raw names as JSON column headers, and the client-side DataTables renderer injects them directly into the DOM without any HTML encoding. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
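The two missing controls named in the description, input sanitization of field names and output encoding of column headers, are sketched below. This is an added example, not the plugin's code or its patch. All function names, the allow-list pattern and the sample response are assumptions; `title` and `data` are the standard DataTables column options.

```javascript
// Added example. Helper names are hypothetical; this is not the plugin's code.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value so it is inert when inserted as HTML text or an attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Assumption: legitimate field names are short identifiers
// (a letter, then letters, digits, "_", "-", ":" or ".").
const SAFE_FIELD_NAME = /^[A-Za-z][A-Za-z0-9_:.-]{0,63}$/;

function isSafeFieldName(name) {
  return typeof name === 'string' && SAFE_FIELD_NAME.test(name);
}

// Store-time control: keep only fields whose *name* passes the allow-list,
// so a submitter-chosen key never reaches the database unfiltered.
function filterSubmission(fields) {
  const kept = {};
  const rejected = [];
  for (const [name, value] of Object.entries(fields)) {
    if (isSafeFieldName(name)) kept[name] = value;
    else rejected.push(name);
  }
  return { kept, rejected };
}

// Render-time control: encode every header before it is handed to the table
// as a column title. `data: index` reads each row as an array.
function buildColumns(columnNames) {
  return columnNames.map((name, index) => ({ data: index, title: escapeHtml(name) }));
}

// Audit helper: list headers already stored that would not pass the allow-list.
function findSuspiciousColumns(columnNames) {
  return columnNames.filter((name) => !isSafeFieldName(name));
}

// Constructed sample of the JSON shape described above (column headers plus rows).
const sampleResponse = {
  columns: ['your-name', 'your-email', 'x"><img src=x onerror=alert(1)>'],
  rows: [['Alice', 'alice@example.com', 'hello']],
};

const columns = buildColumns(sampleResponse.columns);
console.log(columns.map((c) => c.title));
console.log('flag for cleanup:', findSuspiciousColumns(sampleResponse.columns));
```

Encoding at render time also neutralizes names stored before an upgrade, which is why both controls are shown rather than store-time filtering alone.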
<p>50+ Essential Addons for Contact Form 7 – Conditional Fields, Multi Step, Redirection, Columns, WooCommerce, Mailchimp & more</p>
<h3>THE EASIEST AND BEST CONTACT FORM 7 ADDONS PLUGIN FOR WORDPRESS</h3>
<p>Official Demo Link: <a href="https://cf7addons.com/?utm_source=wp_readme&utm_medium=uacf7_top_slot&utm_campaign=website" rel="nofollow ugc">Click Here</a><br />
Explore Pro: <a href="https://cf7addons.com/backend-demo/" rel="nofollow ugc">Play with Backend Options</a><br />
Buy Pro Version: <a href="https://cf7addons.com/pricing/?utm_source=wp_readme&utm_medium=uacf7_top_slot&utm_campaign=pro_link" rel="nofollow ugc">Click Here</a><br />
Get Support: <a href="https://portal.themefic.com/support/?utm_source=wp_readme&utm_medium=uacf7_top_slot&utm_campaign=plugin_support" rel="nofollow ugc">Click Here</a><br />
Video Guide on <a href="https://www.youtube.com/playlist?list=PLY0rtvOwg0ylGspzo7TcT-8x0FH_O5XVV" rel="nofollow ugc">Youtube</a><br />
Our <a href="https://themefic.com/docs/uacf7/getting-started/installation/?utm_source=wp_readme&utm_medium=uacf7_top_slot&utm_campaign=plugin_docs" rel="nofollow ugc">Documentation</a><br />
Join Our <a href="https://facebook.com/groups/ultimate.cf7" rel="nofollow ugc">Facebook Group</a></p>
<p>Equipped with over 50 essential features, <strong>Ultra Addons For Contact Form 7</strong> is the must-have plugin to complement Contact Form 7. It significantly enhances the functionality of your website’s forms created using <a href="https://wordpress.org/plugins/contact-form-7/" rel="ugc">Contact Form 7</a>. This All-in-One WordPress Contact Form plugin includes a wide range of options, from basic to advanced, catering to all the needs of your website Contact Forms. Such incredible features are what make this one of the <a href="https://www.templatemonster.com/awards/winners-2023/" rel="nofollow ugc">best WordPress contact form</a> plugins.</p>
<h4>FREE ADDONS</h4>
<ul>
<li>AI Form Generator</li>
<li>Columns / Grid Layout</li>
<li>Conditional Field</li>
<li>Country List with Flag & Phone</li>
<li>Database</li>
<li>Digital Signature</li>
<li>Dynamic Text Extension</li>
<li>Form Styler</li>
<li>Mailchimp Integration</li>
<li>Multi-Step Form</li>
<li>Pabbly/Zapier (Webhook)</li>
<li>Pre-populate fields</li>
<li>PDF Generate</li>
<li>Placeholder Styling</li>
<li>Redirection (External / Thank You Page)</li>
<li>Range Slider</li>
<li>Star Rating Field</li>
<li>Submission ID</li>
<li>Spam Protection</li>
<li>Telegram Integration</li>
<li>WooCommerce Product Dropdown</li>
</ul>
<h4>PRO ADDONS</h4>
<ul>
<li>Booking/Appointment Form</li>
<li>Column (Custom Width)</li>
<li>Conditional Field Pro</li>
<li>Conditional Redirect</li>
<li>Conversational form</li>
<li>Form Styler (Global)</li>
<li>Frontend Post Submission (CF7 to Post Type / Blog)</li>
<li>IP Geo Fields (Autocomplete Country, City, State, Zip Fields)</li>
<li>Multi Step Form Pro</li>
<li>Range Slider Pro</li>
<li>Repeater Field</li>
<li>Star Rating Field (Pro)</li>
<li>WhatsApp integration and Form Tag Support</li>
<li>WooCommerce Checkout</li>
<li>WooCommerce Product Dropdown Pro</li>
<li>Spam Protection (Pro)</li>
<li>Database Pro (Pro)</li>
<li>MailChimp Pro</li>
<li>Form Submission Preview (Pro)</li>
<li>Save and Continue Later (Pro)</li>
<li>Weekly Email Summary (Pro)</li>
<li>Email Piping (Pro)</li>
<li>PDF Generate (Pro)</li>
<li>Drag & Drop Multiple File Uploads</li>
<li>Google reCAPTCHA Integration</li>
<li>Google Sheets Integration</li>
<li>Slack Integration</li>
<li>Twilio Integration</li>
<li>Prevent Duplicate Entries</li>
<li>Salesforce Integration</li>
</ul>
<h3>How It works:</h3>
<span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/FkQJ-REIMTk?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span>
<h4>How to set up Conditional Fields for Contact Form 7</h4>
<span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/canveIpBSLY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span>
<h4>How to Style Contact Form 7 Forms without CSS/Coding</h4>
<span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/auKK0JQzrsc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span>
<h4>How to Use Contact Form 7 Fields With Columns / Grid</h4>
<span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/cSRnUbrKN4s?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span>
<h4>How to Connect Contact Form 7 with WooCommerce</h4>
<span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/avpgcp1DfS8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span>
<p><strong>Find more videos on our <a href="https://www.youtube.com/playlist?list=PLY0rtvOwg0ylGspzo7TcT-8x0FH_O5XVV" rel="nofollow ugc">Youtube Channel</a></strong></p>
<h3>Free Version:</h3>
<h4>AI Form Generator | Contact Form 7 Form Templates</h4>
<p>This feature empowers you to create a variety of <a href="https://cf7addons.com/preview/ai-form-generator/" rel="nofollow ugc">Contact Form 7 templates free</a> with the power of AI. These form templates serve as a foundation, facilitating a quick start for your website’s forms.</p>
<h4>Contact Form 7 Column / Grid Layout</h4>
<p>Easily create forms with multiple columns – <a href="https://cf7addons.com/preview/contact-form-7-columns-or-grid/" rel="nofollow ugc">Contact Form 7 two column</a>, three columns, or even four columns. Each form is fully responsive.</p>
<h4>Contact Form 7 Conditional Fields</h4>
<p>Our <a href="https://cf7addons.com/preview/contact-form-7-conditional-fields/" rel="nofollow ugc">Conditional Fields for Contact Form 7</a> addon will help you implement conditional logic to show or hide fields based on user selections and backend logic, making your WP Contact form more interactive and user-friendly.</p>
<h4>Contact Form 7 Country Dropdown with Flag and Phone</h4>
<p>Add a <a href="https://cf7addons.com/preview/contact-form-7-country-dropdown/" rel="nofollow ugc">Contact Form 7 phone number with country code</a> and flags for all countries. The tag field will automatically fill in country names in the standard dropdown of Contact Form 7.</p>
<h4>Contact Form 7 Database</h4>
<p>Our <a href="https://cf7addons.com/preview/contact-form-7-database/" rel="nofollow ugc">Contact Form 7 save to database</a> addon allows you to view all form submissions from the WordPress Dashboard. This Contact form 7 DB addon also enables you to export submission data to a CSV file.</p>
<h4>Contact Form 7 Signature Addon</h4>
<p>This feature introduces a <a href="https://cf7addons.com/preview/contact-form-7-signature-addon/" rel="nofollow ugc">Contact Form 7 digital signature</a> capability, allowing users to easily add a signature field to WordPress forms.</p>
<h4>Contact Form 7 Dynamic Text Extension</h4>
<p>The <a href="https://cf7addons.com/preview/contact-form-7-dynamic-text-extension/" rel="nofollow ugc">Dynamic text Contact Form 7</a> for Contact Form 7 lets you auto-populate text and hidden fields with values from URLs, posts, user data, or custom fields. Use it to auto-fill user info, post ID, title, slug, product number, and more via shortcodes.</p>
<h4>Contact Form 7 Hidden Field</h4>
<p>The above Dynamic Text Addon can also be used to generate hidden field values.</p>
<h4>Form Styler | Contact form 7 Style</h4>
<p>Our <a href="https://cf7addons.com/preview/contact-form-7-style-addon/" rel="nofollow ugc">Contact Form 7 style plugin</a> allows you to fully customize your forms – control label colors, backgrounds, fonts (style, size, weight, family), input field colors and sizes, plus button styles like color, background, border, padding, and margin. Style every part of Contact Form 7 with custom CSS and advanced design options.</p>
<h4>Contact form 7 CSS Templates</h4>
<p>This feature allows you to add custom CSS for Contact Form 7, giving you effortless control over the Contact Form 7 css style.</p>
<h4>Contact Form 7 Mailchimp Integration</h4>
<p>Link your <a href="https://cf7addons.com/preview/contact-form-7-mailchimp/" rel="nofollow ugc">Mailchimp and Contact Form 7</a> accounts using this addon. It ensures that submissions from Contact Form 7 are automatically added to a specific list in Mailchimp through Mailchimp’s API.</p>
<h4>Contact Form 7 Multi Step Forms</h4>
<p>Our <a href="https://cf7addons.com/preview/contact-form-7-multi-step-forms/" rel="nofollow ugc">Multi step Form Contact Form 7</a> addon simplifies the process of creating multi-step forms with Contact Form 7. This option is perfect for managing longer forms efficiently.</p>
<h4>Contact Form 7 Webhook (Pabbly / Zapier contact form 7)</h4>
<p>The <a href="https://cf7addons.com/preview/pabbly-zapier-webhook/" rel="nofollow ugc">Contact Form 7 Zapier / Pabbly</a> addon facilitates the transfer of form data to third-party services such as Zapier and Pabbly, or any similar platform, using our CF7 to webhook addon.</p>
<h4>Pre-populate Field | Contact Form 7 Auto Populate Fields</h4>
<p>Use our <a href="https://cf7addons.com/preview/contact-form-7-pre-populate-fields/" rel="nofollow ugc">Pre-populate Fields for Contact Form 7</a> to dynamically get values from the URL and auto-fill Contact Form 7 input fields. Easily populate your forms with URL parameters for a smoother user experience. It supports passing data from one form to another after submission.</p>
<h4>Contact Form 7 PDF</h4>
<p>The <a href="https://cf7addons.com/preview/pdf-generator/" rel="nofollow ugc">Send PDF for Contact Form 7</a> addon automatically generates a PDF upon a WordPress contact form 7 submission, which is then sent to both the admin’s and the submitter’s email addresses.</p>
<h4>Contact Form 7 Placeholder Styler</h4>
<p>Our <a href="https://cf7addons.com/preview/contact-form-7-placeholder-styling/" rel="nofollow ugc">Placeholder Styler for Contact Form 7</a> allows you to easily customize placeholder text by adjusting color, background, font size, family, style, and weight without any CSS coding.</p>
<h4>Contact Form 7 Range Slider</h4>
<p>Enhance your Contact Form 7 by incorporating <a href="https://cf7addons.com/preview/contact-form-7-range-slider/" rel="nofollow ugc">Range slider</a> fields, enabling users to select values within a specific range through a smooth, interactive slider interface. Ideal for capturing preferences or quantities in a form.</p>
<h4>Contact Form 7 Redirect after Submit</h4>
<p>Our <a href="https://cf7addons.com/preview/redirection-for-contact-form-7/" rel="nofollow ugc">Redirection for Contact Form 7</a> addon allows you to redirect users to a custom URL after form submission. Redirect to a thank you page or any external site, and choose to open the page in the same tab or a new tab.</p>
<h4>Contact Form 7 Star Rating Field</h4>
<p>Star ratings provide a straightforward and effective method for gathering customer feedback on the quality of your products or services. By utilizing our <a href="https://cf7addons.com/preview/contact-form-7-star-rating/" rel="nofollow ugc">Star Rating fields to Contact Form 7</a> addon, you can effortlessly incorporate a star rating system into your Contact Form 7.</p>
<h4>Contact Form 7 Submission ID</h4>
<p>Our <a href="https://cf7addons.com/preview/unique-id-for-contact-form-7/" rel="nofollow ugc">UniqueID for Contact Form 7</a> addon helps to add a unique ID to each form submission, offering an ideal solution for maintaining a tracking ID for every submission, ensuring efficient management and reference of your form entries.</p>
<h4>Contact Form 7 Spam Protection</h4>
<p>Our <a href="https://cf7addons.com/preview/spam-protection/" rel="nofollow ugc">Spam Protection for Contact Form 7</a> addon will help you to prevent Spam using Arithmetic and Image Recognition. This will provide an additional layer of protection alongside the Contact Form 7 reCAPTCHA settings.</p>
<h4>Contact Form 7 to Telegram</h4>
<p>With our <a href="https://cf7addons.com/preview/contact-form-7-telegram/" rel="nofollow ugc">Contact Form 7 Telegram</a> addon, you can seamlessly transfer your form submission data directly to your Telegram channel.</p>
<h4>Contact form 7 WooCommerce Integration</h4>
<p>Our <a href="https://cf7addons.com/preview/contact-form-7-woocommerce/" rel="nofollow ugc">Contact Form 7 WooCommerce Product Dropdown Field</a> addon allows you to display all WooCommerce products in a dropdown on your form. When submitted, the selected product details are sent to your email, making it easy for customers to inquire about products via Contact Form 7.</p>
<p>More free addons are on the way. <strong>Stay tuned!</strong></p>
<h3>Pro Version</h3>
<p>The Pro version includes all the features available in the free version. Plus:</p>
<h4>Contact Form 7 Booking Form / Appointment Form</h4>
<p>This feature enables the creation of a <a href="https://cf7addons.com/preview/contact-form-7-booking-form/" rel="nofollow ugc">Booking form / Appointment Form</a> with Contact Form 7. It allows for the inclusion of calendar and time slots directly in the form, facilitating efficient booking management.</p>
<h4>Custom Column Width for Contact Form 7</h4>
<p>This feature assists in customizing the <a href="https://cf7addons.com/preview/custom-columns-grid-layout/" rel="nofollow ugc">column widths of your form</a> to your preferred dimensions. You have the flexibility to set any column size; for instance, you can design a two-column layout with one column at 12% width and the other at 88%, among other configurations.</p>
<h4>CF7 Conditional fields Pro</h4>
<p>Our <a href="https://cf7addons.com/preview/conditional-field-pro/" rel="nofollow ugc">Conditional Field Pro</a> addon enables you to apply advanced conditional logic to various fields, including Range Slider, Star Rating Field, Country Dropdown, IP Geolocation, and more, enhancing the functionality and user experience of your forms.</p>
<h4>Contact Form 7 Conditional Redirect</h4>
<p>This option lets you <a href="https://cf7addons.com/preview/conditional-redirect-for-contact-form-7/" rel="nofollow ugc">redirect users to different pages</a> based on their form responses. For example, selecting “Yes” can redirect to one page, while “No” directs to another, providing a tailored user experience based on their choices.</p>
<h4>WordPress Conversational Form</h4>
<p>Create engaging and interactive <a href="https://cf7addons.com/preview/conversational-form-for-contact-form-7/" rel="nofollow ugc">conversational forms</a> with our WordPress Conversational forms addons, transforming the standard form into a dynamic, chat-like experience, making form submission more intuitive and less monotonous.</p>
<h4>Contact form 7 Global Form Styler</h4>
<p>With <a href="https://cf7addons.com/preview/global-form-styler/" rel="nofollow ugc">Global Form Styler</a>, style all your forms from a single location, eliminating the need to individually style each form.</p>
<h4>Contact Form 7 to Blog Submission</h4>
<p>Create a <a href="https://cf7addons.com/preview/contact-form-7-to-post-type/" rel="nofollow ugc">Frontend post submission form</a> with Contact Form 7. Each submission publishes a new post you can manage from your dashboard and display on your site. Add title, description, category, and featured image by default. Easily connect any custom fields for added flexibility.</p>
<h4>Contact Form 7 to Custom Post Type</h4>
<p>Effortlessly convert submissions from Contact Form 7 into a <a href="https://cf7addons.com/preview/contact-form-7-to-post-type/" rel="nofollow ugc">custom post type</a>.</p>
<h4>Contact Form 7 Autocomplete Country, City, State, Zip Fields</h4>
<p>This feature enables the integration of <a href="https://cf7addons.com/preview/contact-form-7-autocomplete/" rel="nofollow ugc">IP Geolocation</a> into Contact Form 7, allowing fields such as Country, City, State, and Zip to be automatically filled based on the user’s geolocation.</p>
<h4>Multistep Contact form 7 (Pro)</h4>
<p>The <a href="https://cf7addons.com/preview/multi-step-form/pro/" rel="nofollow ugc">Pro version of Multi-Step Forms</a> offers premium pre-built templates with attractive designs. Choose any design skin to auto-generate a styled form. It also supports button text editing and adding background images for enhanced customization.</p>
<h4>Contact form 7 Range Slider Pro</h4>
<p>The <a href="https://cf7addons.com/preview/range-slider-pro" rel="nofollow ugc">Pro version of Range Slider</a> features a variety of premium, pre-built layouts.</p>
<h4>Contact form 7 Repeatable Fields</h4>
<p>Our <a href="https://cf7addons.com/preview/repeater-field-for-contact-form-7/" rel="nofollow ugc">Contact Form 7 Repeater field</a> addon enables the inclusion of repeatable fields within Contact Form 7, allowing for the duplication of various types of fields, including text, files, checkboxes, radio buttons, and textareas.</p>
<h4>Contact Form 7 Star Rating Field Pro</h4>
<p>While the free version offers one Star Field icon, the Pro version enhances your options with <a href="https://cf7addons.com/preview/star-rating-pro/" rel="nofollow ugc">5 Built-In Rating Styles</a>. If these styles don’t meet your needs, the Pro version also allows adding any icon from Font Awesome.</p>
<h4>Contact form 7 Whatsapp Integration + CF7 Tag Support</h4>
<p>Tag support for CF7 fields allows data to pass through the redirect URL. Additionally, you can activate <a href="https://cf7addons.com/preview/contact-form-7-whatsapp-integration/" rel="nofollow ugc">WhatsApp Contact Form 7 integration</a>. For instance, using tag support in the format https://yourdomain.com/?name=[your-name], the name field can be forwarded to WhatsApp or any desired destination.</p>
<h4>Contact form 7 WooCommerce Checkout / Auto Add to Cart</h4>
<p>Integrate <a href="https://cf7addons.com/preview/contact-form-7-woocommerce-checkout/" rel="nofollow ugc">WooCommerce Checkout</a> with your Contact Form 7. When customers select a product and submit the form, they are redirected to the cart with the product added, enabling a smooth checkout process using WooCommerce payment options.</p>
<h4>