| Title | Published | Views | Family |
|---|---|---|---|
| Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7 | 31 May 2023 02:12 | – | githubexploit |
| Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7 | 24 Dec 2020 09:10 | – | githubexploit |
| Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7 | 22 Apr 2021 05:17 | – | githubexploit |
| The vulnerability of the Contact Form 7 plugin of the WordPress content management system allows a hacker to upload files of any type and execute arbitrary code. | 16 Jun 2023 00:00 | – | bdu_fstec |
| CVE-2020-35489 | 17 Dec 2020 22:42 | – | circl |
| Wordpress contact-form-7 code issue vulnerability | 17 Dec 2020 00:00 | – | cnnvd |
| Wordpress contact-form-7 code issue vulnerability | 20 Jan 2021 00:00 | – | cnvd |
| CVE-2020-35489 | 17 Dec 2020 18:16 | – | cve |
| CVE-2020-35489 | 17 Dec 2020 18:16 | – | cvelist |
| CVE-2020-35489 | 17 Dec 2020 19:15 | – | nvd |
```yaml
id: CVE-2020-35489

info:
  name: WordPress Contact Form 7 - Unrestricted File Upload
  author: soyelmago
  severity: critical
  description: WordPress Contact Form 7 before 5.3.2 allows unrestricted file upload and remote code execution because a filename may contain special characters.
  impact: |
    Successful exploitation of this vulnerability could result in unauthorized access to the target system and potential remote code execution.
  remediation: |
    Update to the latest version of the Contact Form 7 plugin to mitigate this vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2020-35489
    - https://web.archive.org/web/20210125141546/https://www.getastra.com/blog/911/plugin-exploit/contact-form-7-unrestricted-file-upload-vulnerability/
    - https://wordpress.org/plugins/contact-form-7/#developers
    - https://www.jinsonvarghese.com/unrestricted-file-upload-in-contact-form-7/
    - https://contactform7.com/2020/12/17/contact-form-7-532/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cve-id: CVE-2020-35489
    cwe-id: CWE-434
    epss-score: 0.81728
    epss-percentile: 0.98365
    cpe: cpe:2.3:a:rocklobster:contact_form_7:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: rocklobster
    product: contact_form_7
    framework: wordpress
  tags: cve,cve2020,wordpress,wp-plugin,rce,rocklobster

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - compare_versions(version, '< 5.3.2')

      - type: word
        part: body
        words:
          - "Contact Form 7"
          - '== Changelog =='
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        name: version
        group: 1
        regex:
          - "(?m)Stable tag: ([0-9.]+)"
        internal: true

      - type: regex
        group: 1
        regex:
          - "(?m)Stable tag: ([0-9.]+)"
# digest: 4a0a00473045022100af1f6a44be71df3c9a07f178f137fef959ed1244d618811085fce868ef3e24320220601198d66dbfd49b6055125af5efde33ea18ca71f7dee65a351b8bae690c152a:922c64590222798bb761d5b6d8e72950
```
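The template's detection logic is a version fingerprint: fetch the plugin's public `readme.txt`, pull the `Stable tag` with a regex, and flag installs below 5.3.2 only when the page also carries the two marker strings and a 200 status. The Python below is an added example, not part of the Nuclei template or of Vulners; it reproduces that check offline over constructed readme bodies (the function names and sample text are assumptions) and makes the point that `compare_versions` must be numeric, since a plain string comparison would wrongly treat a patched 5.3.10 as older than 5.3.2.

```python
import re
from typing import Optional

# Same pattern as the template's extractor: the WordPress readme "Stable tag" line.
STABLE_TAG_RE = re.compile(r"(?m)Stable tag: ([0-9.]+)")
FIXED_VERSION = "5.3.2"  # first release without the unrestricted-upload bug


def parse_version(version: str) -> tuple:
    """Split a dotted version into integers so that 5.3.10 sorts after 5.3.2.
    (A string comparison gets this wrong: "5.3.10" < "5.3.2" is True.)"""
    return tuple(int(part) for part in version.strip(".").split(".") if part)


def extract_stable_tag(body: str) -> Optional[str]:
    """Mirror the template's regex extractor: group 1 of the first match, or None."""
    match = STABLE_TAG_RE.search(body)
    return match.group(1) if match else None


def is_vulnerable(status: int, body: str) -> bool:
    """Apply the template's matchers with matchers-condition 'and':
    HTTP 200, both marker words present, and extracted version < 5.3.2."""
    if status != 200:
        return False
    if "Contact Form 7" not in body or "== Changelog ==" not in body:
        return False
    version = extract_stable_tag(body)
    if version is None:  # no Stable tag line: nothing to compare, no match
        return False
    return parse_version(version) < parse_version(FIXED_VERSION)


# Constructed sample readme bodies (assumed content, not captured from a real site).
VULNERABLE_README = (
    "=== Contact Form 7 ===\n"
    "Stable tag: 5.3.1\n"
    "== Changelog ==\n"
)
PATCHED_README = VULNERABLE_README.replace("5.3.1", "5.3.10")

if __name__ == "__main__":
    for label, body in (("5.3.1", VULNERABLE_README), ("5.3.10", PATCHED_README)):
        print(label, "vulnerable" if is_vulnerable(200, body) else "not vulnerable")
```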