RSS   Podatności dla 'Contact form 7'   RSS

2020-12-17
 
CVE-2020-35489

CWE-434
 
 
The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.

 
2019-08-22
 
CVE-2018-20979

CWE-264
 
 
The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.

 
2014-03-14
 
CVE-2014-2265

CWE-264
 
 
Rock Lobster Contact Form 7 before 3.7.2 allows remote attackers to bypass the CAPTCHA protection mechanism and submit arbitrary form data by omitting the _wpcf7_captcha_challenge_captcha-719 parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top