6 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7
wpCVE-2020-35489checker CVE-2020-35489 - Introduction T...
Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7
Check-WP-CVE-2020-35489 CVE-2020-35489 The CVE-2020-35489...
Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact_Form_7
Check-WP-CVE-2020-35489 CVE-2020-35489 The CVE-2020-35489...
5M WordPress Sites Running 'Contact Form 7' Plugin Open to Attack
A patch for the popular WordPress plugin called Contact Form 7 was released Thursday. It fixes a critical bug that allows an unauthenticated adversary to takeover a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version...
CVE-2020-35489
The contact-form-7 aka Contact Form 7 plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters...
CVE-2020-35489
Summary (CVE-2020-35489): The WordPress plugin Contact Form 7 (before 5.3.2) is vulnerable to an unrestricted file upload leading to remote code execution because a filename can contain special characters. Affected product: WordPress Contact Form 7 plugin; affected version range: prior to 5.3.2. ...