4 matches found
CVE-2024-9891
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7zlcustomhandledeactivationpluginformsubmission function in all versions up to, and including, 2.8.1. This makes it possible for...
CVE-2024-9891
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7zlcustomhandledeactivationpluginformsubmission function in all versions up to, and including, 2.8.1. This makes it possible for...
CVE-2024-9891 Multiline files upload for contact form 7 <= 2.8.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Deactivation
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7zlcustomhandledeactivationpluginformsubmission function in all versions up to, and including, 2.8.1. This makes it possible for...
WordPress Multiline files upload for contact form 7 Plugin <= 2.8.1 is vulnerable to Broken Access Control
Software Multiline files upload for contact form 7 Type Plugin Vulnerable versions = 2.8.1 Fixed in 2.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9891 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID c40586cc4d31 Credits...