Threat Post

5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack

A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin. A patch for the popular WordPress plugin called Contact Form 7 was ...
Searchenginejournal.com

Elementor WordPress Contact Form Plugin Vulnerability Exposes Up To 200,000 Sites

A stored XSS vulnerability is one in which a website fails to properly secure an input, like a submission form, which allows a hacker to upload a malicious script to the server. The script is then ...