Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:45 a.m.9 views

CVE-2024-9891

The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7zlcustomhandledeactivationpluginformsubmission function in all versions up to, and including, 2.8.1. This makes it possible for...

4.3CVSS6.5AI score0.00334EPSS
Exploits0References1
NVD
NVD
added 2024/10/16 2:15 a.m.14 views

CVE-2024-9891

The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7zlcustomhandledeactivationpluginformsubmission function in all versions up to, and including, 2.8.1. This makes it possible for...

4.3CVSS0.00334EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/16 2:5 a.m.17 views

CVE-2024-9891 Multiline files upload for contact form 7 <= 2.8.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Deactivation

The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7zlcustomhandledeactivationpluginformsubmission function in all versions up to, and including, 2.8.1. This makes it possible for...

4.3CVSS6.5AI score0.00334EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.14 views

WordPress Multiline files upload for contact form 7 Plugin <= 2.8.1 is vulnerable to Broken Access Control

Software Multiline files upload for contact form 7 Type Plugin Vulnerable versions = 2.8.1 Fixed in 2.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9891 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID c40586cc4d31 Credits...

4.3CVSS6.5AI score0.00334EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder