CVE-2023-37982

MEDIUM

CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms < 1.3.3 - Open Redirect

Title source: llm

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.3.3.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/cf7-salesforce/wordpress-integration-for-contact-form-7-and-salesforce-plugin-1-3-3-open-redirection-vulnerability?_s_id=cve

Scores

CVSS v3 4.7

EPSS 0.0041

EPSS Percentile 33.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Details

CWE

CWE-601

Status published

Products (2)

CRM Perks/Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms < 1.3.3

crmperks/integration_for_salesforce_and_contact_form_7\,_wpforms\,_elementor\,_ninja_forms < 1.3.3

Published Dec 19, 2023

Tracked Since Feb 18, 2026