CVE-2024-10898

The Contact Form 7 Email Add on plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the cf7emailaddonaddadmintemplate function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

WordPress Contact Form 7 Email Add on plugin <= 1.9 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by Le Ngoc Anh in WordPress Plugin Contact Form 7 Email Add on versions = 1.9...