Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbJinson Varghese BehananWPVDB-ID:7391118E-EEF5-4FF8-A8EA-F6B65F442C63
HistoryDec 17, 2020 - 12:00 a.m.

Contact Form 7 < 5.3.2 - Unrestricted File Upload

2020-12-1700:00:00
Jinson Varghese Behanan
wpscan.com
228
JSON

The popular WordPress plugin, Contact Form 7 was found to be vulnerable to Unrestricted File Upload.

PoC

Append a unicode special character (from U+0000 [null] to U+001F [us]) to a filename and upload it via the ContactForm7 upload feature

CPENameOperatorVersion
contact-form-7lt5.3.2

Related

wpexploit 1
openvas 1
osv 1
githubexploit 2
prion 1
nuclei 1
cve 1
threatpost 1
wpexploit
wpexploit
Contact Form 7 < 5.3.2 - Unrestricted File Upload
2020-12-17 00:00:00
openvas
openvas
WordPress Contact Form 7 Plugin < 5.3.2 RCE Vulnerability
2020-12-22 00:00:00
osv
osv
CVE-2020-35489
2020-12-17 19:15:14
githubexploit
githubexploit
Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact Form 7
2021-04-22 05:17:16
Exploit for Unrestricted Upload of File with Dangerous Type in Rocklobster Contact Form 7
2020-12-24 09:10:17
prion
prion
Unrestricted file upload
2020-12-17 19:15:00
nuclei
nuclei
WordPress Contact Form 7 - Unrestricted File Upload
2021-03-21 17:51:13
cve
cve
CVE-2020-35489
2020-12-17 19:15:00
threatpost
threatpost
5M WordPress Sites Running 'Contact Form 7' Plugin Open to Attack
2020-12-17 22:27:38
JSON
Related for WPVDB-ID:7391118E-EEF5-4FF8-A8EA-F6B65F442C63
wpexploit1openvas1osv1githubexploit2prion1nuclei1cve1threatpost1