Lucene search
K

6 matches found

GithubExploit
GithubExploit
added 2023/05/31 2:12 a.m.37 views

Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7

wpCVE-2020-35489checker CVE-2020-35489 - Introduction T...

10CVSS8.4AI score0.89626EPSS
Exploits4
GithubExploit
GithubExploit
added 2021/04/22 5:17 a.m.457 views

Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7

Check-WP-CVE-2020-35489 CVE-2020-35489 The CVE-2020-35489...

10CVSS8.6AI score0.89626EPSS
Exploits4
GithubExploit
GithubExploit
added 2020/12/24 9:10 a.m.275 views

Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7

Check-WP-CVE-2020-35489 CVE-2020-35489 The CVE-2020-35489...

10CVSS8.6AI score0.89626EPSS
Exploits4
ThreatPost
ThreatPost
added 2020/12/17 10:27 p.m.223 views

5M WordPress Sites Running 'Contact Form 7' Plugin Open to Attack

A patch for the popular WordPress plugin called Contact Form 7 was released Thursday. It fixes a critical bug that allows an unauthenticated adversary to takeover a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version...

9.6AI score0.89626EPSS
Exploits4References11
Cvelist
Cvelist
added 2020/12/17 6:16 p.m.35 views

CVE-2020-35489

The contact-form-7 aka Contact Form 7 plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters...

9.9AI score0.89626EPSS
Exploits4References5
CVE
CVE
added 2020/12/17 6:16 p.m.2215 views

CVE-2020-35489

Summary (CVE-2020-35489): The WordPress plugin Contact Form 7 (before 5.3.2) is vulnerable to an unrestricted file upload leading to remote code execution because a filename can contain special characters. Affected product: WordPress Contact Form 7 plugin; affected version range: prior to 5.3.2. ...

10CVSS9.7AI score0.89626EPSS
Exploits4References5Affected Software1
Rows per page
Query Builder