CVE-2026-9189 | scottpaterson Contact Form 7 Plugin up to 2.4.9 on WordPress cf7pp_paypal_ipn_handler data authenticity (EUVD-2026-33265)

A vulnerability categorized as critical has been discovered in scottpaterson Contact Form 7 Plugin up to 2.4.9 on WordPress. Affected by this vulnerability is the function cf7pp_paypal_ipn_handler. The manipulation results in insufficient verification of data authenticity.

This vulnerability was named CVE-2026-9189. The attack may be performed from remote. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More