Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Accept PayPal Payments using Contact Form 7: Incorrect Access Control
CVE-2026-39707
Summary
A security issue in Accept PayPal Payments using Contact Form 7 allows unauthorized access to certain features. This affects versions 4.0.4 and earlier. If not addressed, an attacker could potentially access and manipulate sensitive information or make unauthorized transactions.
Original title
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels...
Original description
Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through <= 4.0.4.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026