WordPress Plugin Vulnerabilities

Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Post Deletion

Description

In the plugin, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site.

Proof of Concept

Affects Plugins

Plugin icon
wpcf7-redirect
Fixed in 2.3.4

References

CVE
CVE-2021-24281
URL
https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
4.2 (medium)

Miscellaneous

Original Researcher
Chloe Chamberland
Submitter
Chloe
Submitter website
https://wordfence.com
Submitter twitter
infosecchloe
Verified
Yes
WPVDB ID
daf12b85-f5ad-4261-ab39-be6840ad3cdc

Timeline

Publicly Published
2021-04-20 (about 4 years ago)
Added
2021-04-20 (about 4 years ago)
Last Updated
2021-04-21 (about 4 years ago)

Other

Published
Title
Published
2024-05-23
Title
Event post < 5.9.5 - Missing Authorization
Published
2020-09-25
Title
Simple:Press < 6.6.1 - Broken Access Control leading to RCE
Published
2023-08-14
Title
Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access
Published
2022-12-28
Title
Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF
Published
2024-05-21
Title
UserPro < 5.1.9 - Unauthenticated Account Takeover to Privilege Escalation