Get a Pentest and security assessment of your IT network.

Cyber Security

WordPress plugin with 5 million installs has a critical vulnerability

The team behind a popular WordPress plugin has disclosed a critical file upload vulnerability and issued a patch. The plugin, Contact Form 7, has over 5 million active installs making this urgent upgrade a necessity for WordPress site owners out there. An attacker can upload a crafted file with arbitrary code on the vulnerable server using the plugin. The vulnerability has been discovered and reported by Jinson Varghese Behanan, an information security analyst with Astra Security. The fix made by the project, shown below, contains a fix made for the vulnerability.

Source: https://www.bleepingcomputer.com/news/security/wordpress-plugin-with-5-million-installs-has-a-critical-vulnerability/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation