5M WordPress Sites Running the Contact Form 7 Plugin are Open to Attack – Threatpost

A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin.

A patch for the popular WordPress plugin called Contact Form 7 was released Thursday and fixes a critical bug that allows an unauthenticated adversary to takeover a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version update to the Contact Form 7 plugin.

The WordPress utility is active on five million websites with a majority of…


More Info

About mblog.my

Check Also

Elementary Digital named a WordPress VIP agency partner

WordPress VIP, a leading provider of enterprise WordPress, has added Elementary Digital to its Featured …

Leave a Reply

Your email address will not be published. Required fields are marked *