WordPress Contact Form 7 Multi-Step Addon plugin <= 1.0.5 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Contact Form 7 Multi-Step Addon versions = 1.0.5...

WordPress Contact Form 7 Multi-Step Addon Plugin <= 1.0.5 is vulnerable to Backdoor

Software Contact Form 7 Multi-Step Addon Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8aae8a0dc1cb Credits Sansec.io Required privilege Unauthenticated...

WordPress Contact Form 7 Multi-Step Addon plugin 1.0.4 to 1.0.5 - Injected Backdoor vulnerability

Injected Backdoor vulnerability discovered by WordFence in WordPress Plugin Contact Form 7 Multi-Step Addon versions 1.0.4-1.0.5...

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

WordPress Contact Form 7 Multi-Step Addon Plugin 1.0.4-1.0.5 is vulnerable to Backdoor

Software Contact Form 7 Multi-Step Addon Type Plugin Vulnerable versions 1.0.4-1.0.5 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Backdoor CVE CVE-2024-6297 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 210ed7e4774a Credits WordFence Required privilege...