WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. An arbitrary file download vulnerability exists in Wordpress Drag & Drop Contact Form Plugin 1.0.5 and prior versions, which stems from the product’s file download feature not effectively handling special symbols. An attacker could download arbitrary files through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress drag & drop contact form plugin | le | 1.0.5 |