Back

CVE-2024-6317

July 9, 2024, 6:19 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Generate PDF using Contact Form 7 plugin for WordPress

  • up to 4.0.6

Source

security@wordfence.com

Tags

security@wordfence.com
2024-07-09
CVE-2024-6317

CVE-2024-6317 details

Published : July 9, 2024, 8:15 a.m.
Last Modified : July 9, 2024, 6:19 p.m.

Description

The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.0.6. This is due to missing nonce validation and the plugin not properly validating a file or its path prior to deleting it in the 'wp_cf7_pdf_dashboard_html_page' function. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS Score

1 2 3 4 5 6 7 8.8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

8.8

Exploitability Score

2.8

Impact Score

5.9

Base Severity

HIGH

Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

URL Source
https://plugins.trac.wordpress.org/browser/generate-pdf-using-contact-form-7/tags/4.0.6/inc/templates/cf7-pdf-generation.admin.html.php#L74 security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/455b9695-e140-4bdb-b626-5c1695518563?source=cve security@wordfence.com
This website uses the NVD API, but is not approved or certified by it.