Threat Post

Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites

An CRSF-to-stored-XSS security bug plagues 50,000 ‘Contact Form 7’ Style users. A security bug in Contact Form 7 Style, a WordPress plugin installed on over 50,000 sites, could allow for malicious ...
Searchenginejournal.com

WordPress Contact Form 7 Redirection Plugin Vulnerability Hits 300k Sites

A vulnerability advisory was issued for a WordPress Contact Form 7 add-on plugin that enables unauthenticated attackers to “easily” launch a remote code execution. The vulnerability is rated high (8.8 ...