Boletines de Vulnerabilidades

Severe Vulnerabilities Patched in Redirection for Contact Form 7 Plugin


Información sobre el sistema

   
Software afectado Wordpress

Descripción

On February 11, 2021, our Threat Intelligence team responsibly disclosed several vulnerabilities in Redirection for Contact Form 7, a WordPress plugin used by over 200,000 sites. One of these flaws made it possible for unauthenticated attackers to generate arbitrary nonces for any function. The second flaw made it possible for authenticated attackers to install arbitrary […]

More info:

https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/

Identificadores estándar

Propiedad Valor
CVE CVE-2021-24278 ,CVE-2021-24279 ,CVE-2021-24280 ,CVE-2021-24281 and CVE-2021-24282.

Histórico de versiones

Versión Comentario Data
1.0 Advisory issued 2021-04-27
Ministerio de Defensa
CNI
CCN
CCN-CERT