WordPress Plugin Vulnerabilities

Contact Form 7 < 5.3.2 - Unrestricted File Upload

Description

The popular WordPress plugin, Contact Form 7 was found to be vulnerable to Unrestricted File Upload.

Proof of Concept

Append a unicode special character (from U+0000 [null] to U+001F [us]) to a filename and upload it via the ContactForm7 upload feature

Affects Plugins

Plugin icon
contact-form-7
Fixed in 5.3.2

References

CVE
CVE-2020-35489
URL
https://www.getastra.com/blog/911/plugin-exploit/contact-form-7-unrestricted-file-upload-vulnerability/
URL
https://www.jinsonvarghese.com/unrestricted-file-upload-in-contact-form-7/
URL
https://contactform7.com/2020/12/17/contact-form-7-532/#more-38314

Miscellaneous

Original Researcher
Jinson Varghese Behanan
Submitter
Jinson Varghese Behanan
Submitter website
https://www.getastra.com/
Submitter twitter
JinsonCyberSec
Verified
No
WPVDB ID
7391118e-eef5-4ff8-a8ea-f6b65f442c63

Timeline

Publicly Published
2020-12-17 (about 3 years ago)
Added
2020-12-17 (about 3 years ago)
Last Updated
2020-12-21 (about 3 years ago)

Other

Published
Title
Published
2023-02-14
Title
Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload
Published
2014-08-01
Title
N-Media File Uploader < 2.0 Arbitrary File Upload
Published
2023-12-04
Title
MW WP Form < 5.0.2 - Unauthenticated Arbitrary File Upload
Published
2015-03-29
Title
VideoWhisper Video Presentation 3.31.17 - Remote File Upload
Published
2024-04-18
Title
Forminator < 1.29.0 - Unauthenticated Arbitrary File Upload