5 matches found
CVE-2021-24280
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects...
WordPress Redirection for Contact Form 7 Plugin < 2.3.4 Multiple Vulnerabilities
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2021-24280
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects...
CVE-2021-24280 Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects...
CVE-2021-24280
The CVE-2021-24280 entry relates to the WordPress plugin Redirection for Contact Form 7 (versions prior to 2.3.4). The vulnerability allows an authenticated user (e.g., a subscriber) to use the import_from_debug AJAX action to inject PHP objects. This is described consistently across multiple sou...