CVE-2021-24689
N/A
N/A
Summary
The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Contact Forms – Drag & Drop Contact Form Builder | 1.0.5 <= 1.0.5 | affected |
Weaknesses
- CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.