A critical vulnerability was found in Contact Form 7. The WordPress utility is activated on more than 5 million websites, and 70% of these are running the unprotected 5.3.1 version or older. The vulnerability allows attackers to bypass Contact Form 7’s filename sanitization and upload a file that can be executed as a script file on the host server.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.