5M WordPress Sites Running the Contact Form 7 Plugin are Open to Attack – Threatpost

A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin.

A patch for the popular WordPress plugin called Contact Form 7 was released Thursday and fixes a critical bug that allows an unauthenticated adversary to takeover a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version update to the Contact Form 7 plugin.

The WordPress utility is active on five million websites with a majority of…


More Info

About mblog.my

Check Also

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com – WordPress.com News

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com – WordPress.com News

Using WordPress blocks and the Site Editor to quickly build a lookalike of one of …

Leave a Reply

Your email address will not be published. Required fields are marked *