CVE-2020-35489

2020-12-17T19:15:00
ID CVE-2020-35489
Type cve
Reporter cve@mitre.org
Modified 2020-12-22T12:57:00

Description

The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.