WordPress Contact Form 7 Plugin <= 3.5.2 - Remote Code Execution

Because of this vulnerability, attackers with admin access add uploader tag into contact form at the site and use it for CE via AFU attack. Solution Update the plugin...