ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Contact Form 7 Multi-Step Forms plugin <= 3.0.8 - Authenticated Option Update vulnerability (Fremius Library security issue)

Product
Contact Form 7 Multi-Step Forms
Description
Authenticated Option Update vulnerability (Fremius Library security issue) found in WordPress Contact Form 7 Multi-Step Forms plugin (versions <= 3.0.8).
Solution
Update the WordPress Contact Form 7 Multi-Step Forms plugin to the latest available version (at least 3.0.9).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
Security issue description
CVE
Name CVE-N/A
Versions
Affected In <= 3.0.8
Fixed In 3.0.9
Disclosure date
2019-03-05
Submitter
ThreatPress