WordPress Plugin Vulnerabilities

Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Plugin Installation

Description

In the plugin, low level users, such as subscribers, could use the import_from_debug AJAX action to install any plugin from the WordPress repository.

Proof of Concept

Affects Plugins

Plugin icon
wpcf7-redirect
Fixed in 2.3.4

References

CVE
CVE-2021-24279
URL
https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
Chloe Chamberland
Submitter
Chloe
Submitter website
https://wordfence.com
Submitter twitter
infosecchloe
Verified
Yes
WPVDB ID
75f7690d-7f6b-48a8-a9d1-95578a657920

Timeline

Publicly Published
2021-04-20 (about 4 years ago)
Added
2021-04-20 (about 4 years ago)
Last Updated
2021-04-21 (about 4 years ago)

Other

Published
Title
Published
2024-05-21
Title
AI ChatBot < 5.3.6 - Missing Authorization via openai_file_delete_callback
Published
2021-12-06
Title
Tab - Accordion, FAQ < 1.3.2 - Unauthenticated AJAX Calls
Published
2023-11-28
Title
JetEngine < 3.2.5 - Authenticated (Contributor+) Privilege Escalation
Published
2024-06-06
Title
Strong Testimonials < 3.1.13 - Authenticated(Contributor+) Improper Authorization to Views Modification
Published
2021-08-23
Title
Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Deletion