CVE-2021-24689

The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wpeverest:contact_form:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-02-28 01:15

Updated : 2022-03-07 10:30


NVD link : CVE-2021-24689

Mitre link : CVE-2021-24689


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

wpeverest

  • contact_form