Searchenginejournal.com

Contact Form 7 Vulnerability in +5 Million Sites

A vulnerability has been discovered in Contact Form 7 that allows an attacker to upload malicious scripts. The publishers of Contact Form 7 have released an update to fix the vulnerability. An ...
Bleeping Computer

WordPress plugin with 5 million installs has a critical vulnerability

The team behind a popular WordPress plugin has disclosed a critical file upload vulnerability and issued a patch. The vulnerable plugin, Contact Form 7, has over 5 million active installs making this ...
CSOonline

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.