Vulnerabilities and Security Researches

Redirection for Contact Form 7, CVE-2021-24280

CVE, Research URL: CVE-2021-24280
Home page URL: Security reports for Redirection for Contact Form 7
Application: Redirection for Contact Form 7
Published on: May 14, 2021
Research Description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the import_from_debug AJAX action to inject PHP objects.
Affected versions: Min -, max 2.3.4.
Status: vulnerable