CVE-2025-22686
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2025-22686 is a Missing Authorization vulnerability affecting the CF7 Google Sheets Connector from versions n/a through 5.0.17. This issue allows unauthorized access to data or functionality due to incorrectly configured access control security levels in GSheetConnector. An attacker can exploit this vulnerability to gain unauthorized access to Google Sheets connected to the plugin, potentially resulting in data theft or unintended modifications. Organizations using the affected version of CF7 Google Sheets Connector are urged to update to a patch release as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.