Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2020

Contact Form 7 (5.3.1 & below) Vulnerable To Unrestricted File Upload

Before you start reading the description, please log in to your WordPress Admin panel & update all the plugins. Contact Form 7 version 5.3.1 and below were found to be vulnerable to unrestricted file upload vulnerability. This issue has been reported by security researchers at Astra Security. By exploiting this vulnerability, attackers could simply upload files of any type, bypassing all restrictions placed regarding the allowed uploadable file types on a website.

Astra's Security Audit & VAPT Review by Arun Bansal (Founder & CEO of ServerGuy)

99.7% websites have atleast one vulnerability. Astra Security helps you find your website's weaknesses and patch them up before it hurts your business. ServerGuy is well renowned premium managed Magento, WordPress Hosting Platform, offering lightning-fast and scalable infrastructure.