The popular WordPress plugin, Contact Form 7 was found to be vulnerable to Unrestricted File Upload.
Append a unicode special character (from U+0000 [null] to U+001F [us]) to a filename and upload it via the ContactForm7 upload feature
Jinson Varghese Behanan
2020-12-17 (about 1 years ago)
2020-12-21 (about 1 years ago)