Divi WordPress Theme

Topic: WordPress Custom Contact Forms critical vulnerability  (Read 999 times)

Offline Kailash

  • Web Hosting Master
  • *****
  • Administrator
  • Posts: 604
  • iTrader: +153/-0
    • View Profile
WordPress Custom Contact Forms critical vulnerability
« on: August 22, 2014, 01:08:31 PM »
There was a critical vulnerability disclosed in WordPress Custom Contact Forms plugin. The vulnerability is existed in plugin version 5.1.0.3 and lower.

Using this vulnerability, it is possible to dump your database without any authentication hence it is highly recommend you to upgrade it as soon as possible. This was patched in plugin version 5.1.0.4. For more details, refer Critical Vulnerability Disclosed on WordPress Custom Contact Forms Plugin.

- Kailash
VPS Hosting - AccuWebHosting

Offline WebhostingTalk

  • Junior Guru
  • *****
  • Premium Member
  • Posts: 54
  • iTrader: +2/-0
    • View Profile
Re: WordPress Custom Contact Forms critical vulnerability
« Reply #1 on: August 26, 2014, 12:00:57 PM »
This was really a serious vulnerability. WordPress has included the option to apply security update automatically on core WordPress. They should also offer similar functionality for plugins as well so that it can be patched automatically.
Divi WordPress Theme
Tags: