Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Redirection for Contact Form 7 Multiple Vulnerabilities - CVE-2021-24278 - Vulnerability Database
WP Plugin Wpcf7 Redirect

WordPress Plugin Redirection for Contact Form 7 Multiple Vulnerabilities - CVE-2021-24278

High
Reference: CVE-2021-24278
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-24278
Title: WordPress Plugin Redirection for Contact Form 7 Multiple Vulnerabilities
Overview:

WordPress Plugin Redirection for Contact Form 7 is prone to multiple vulnerabilities including security bypass and PHP object injection vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently generate arbitrary nonces install arbitrary plugins delete arbitrary posts or to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin Redirection for Contact Form 7 version 2.3.3 is vulnerable prior versions may also be affected.