An unrestricted file upload vulnerability in a WordPress plugin is when the plugin allows an attacker to upload a web shell (malicious script) that can then be used to take over a site, tamper with a ...

Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions after ...

The Metform Elementor Contact Form builder is a third party add-on to the popular Elementor page builder plugin with over over 200,000 installations. It offers a drag-and-drop interface that makes it ...

A WordPress plugin with more than five million active installs has issued an urgent update in an effort to patch a critical file upload vulnerability. The plugin, Contact Form 7, allows users to add ...