2 matches found
CVE-2018-20979
The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capabilitytype mishandling in registerposttype...
CVE-2018-20979
The CVE-2018-20979 entry concerns the Contact Form 7 WordPress plugin (before 5.0.4). The vulnerability stems from capability_type mishandling in register_post_type, enabling privilege escalation. Affected component is the plugin’s post type registration logic; the root cause is improper handling...