ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Creative Contact Form Plugin - Upload Vulnerability

Product
Creative Contact Form
Description
This vulnerability allows an attacker to upload arbitrary PHP code and execute it.
Solution
Update the plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE- 2014-8739
Versions
Affected In <= 0.9.7
Fixed In 0.9.8
Disclosure date
2015-04-21
Credits
metasploit