ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Contact Form 7 plugin <= 5.0.3 - Privilege Escalation vulnerability

Product
Contact Form 7
Description
Privilege Escalation vulnerability found by Simon Scannell in WordPress Contact Form 7 plugin (versions <= 5.0.3).
Solution
Update the WordPress Contact Form 7 plugin to the latest available version (at least 5.0.4).
Classification
Type Unknown
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 5.0.3
Fixed In 5.0.4
Disclosure date
2018-09-13
Credits
Simon Scannell
Submitter
ThreatPress