A vulnerability has been discovered in Contact Form 7 that allows an attacker to upload malicious scripts. The publishers of Contact Form 7 have released an update to fix the vulnerability.
Unrestricted File Upload Vulnerability
An unrestricted file upload vulnerability in a WordPress plugin is when the plugin allows an attacker to upload a web shell (malicious script) that can then be used to take over a site, tamper with a database and so on.
A web shell is a malicious script that can be written in any web language that is uploaded to a vulnerable site, automatically processed and used to…