Unauthenticated File Upload vulnerability leading to Remote Code Execution (RCE) discovered by Austin Martin in WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin (versions <= 1.3.3.2).
Update the WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin to the latest available version (at least 1.3.3.3).
CPE | Name | Operator | Version |
---|---|---|---|
drag and drop multiple file upload – contact form 7 | le | 1.3.3.2 |