WordPress Plugin Vulnerabilities

N-Media Website Contact Form with File Upload <= 1.5 - Local File Inclusion

Description

The website-contact-form-with-file-upload WordPress plugin was affected by a Local File Inclusion security vulnerability.

Affects Plugins

Plugin icon
website-contact-form-with-file-upload
Fixed in 1.6

References

Exploitdb
36952

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
c88edf83-68c3-435a-be79-19c8d540bf08

Timeline

Publicly Published
2015-06-03 (about 10 years ago)
Added
2015-06-03 (about 10 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2018-09-19
Title
Localize My Post 1.0 - Unauthenticated Local File Inclusion (LFI)
Published
2016-07-13
Title
WP Fastest Cache <= 0.8.5.9 - Local File Inclusion (LFI)
Published
2022-01-31
Title
Essential Addons for Elementor < 5.0.5 - Unauthenticated LFI
Published
2024-06-27
Title
Filter & Grids < 2.8.33 - Unauthenticated LFI
Published
2025-04-03
Title
Publitio < 2.2.2 - Contributor+ Arbitrary File Read