WordPress Plugin Security Update Advisory (CVE-2025-7384)

Aug 22 2025

Overview

We have released a security update to address a vulnerability in our WordPress plugin. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-7384

Contact-form-entries Version: 1.4.3 and earlier

Resolved Vulnerabilities

PHP object injection vulnerability in contact-form-entries (CVE-2025-7384)

Vulnerability Patches

vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-7384

Contact-form-entries Version: 1.4.4

References

[1] Vulnerability Details for Database for Contact Form 7, WPforms, Elementor forms
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/contact-form-entries/database-for-contact-form-7-wpforms-elementor-forms-143-unauthenticated-php-object-injection-to-arbitrary-file-deletion

WordPress Plugin Security Update Advisory (CVE-2025-7384)

Commvault Security Update Advisory (CVE-2025-57790)

N-able Product Security Update Advisory (CVE-2025-8875)

Tags:

Commvault Security Update Advisory (CVE-2025-57790)

N-able Product Security Update Advisory (CVE-2025-8875)