Back
WordPress Contact Form 7 plugin <= 5.3.1 - Unrestricted File Upload vulnerability
- Product
- Contact Form 7
- Description
- Unrestricted File Upload vulnerability found by Jinson Varghese Behanan in WordPress Contact Form 7 plugin (versions <= 5.3.1).
- Solution
- Update the WordPress Contact Form 7 plugin to the latest available version (at least 5.3.2).
- Classification
-
Type Arbitrary File Upload
OWASP Top 10 A5: Security Misconfiguration
- References
-
Plugin changelog
Vulnerability details
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 5.3.1
Fixed In 5.3.2
- Disclosure date
- 2020-12-17
- Credits
- Jinson Varghese Behanan