A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin. A patch for the popular WordPress plugin called Contact Form 7 was ...
Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions after ...
The affected contact form plugins are Ninja Forms, (with over 800,000 installations) and Contact Form Plugin by Fluent Forms (+300,000 installations). The vulnerabilities are not related to each other ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback