Public CVE-2025-13843 disclosure

Contact Form 7 with ChatWork <= 1.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'api_token' and 'roomid' Settings