Threat Post

Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites

An CRSF-to-stored-XSS security bug plagues 50,000 ‘Contact Form 7’ Style users. A security bug in Contact Form 7 Style, a WordPress plugin installed on over 50,000 sites, could allow for malicious ...
Searchenginejournal.com

Contact Form 7 Vulnerability in +5 Million Sites

A vulnerability has been discovered in Contact Form 7 that allows an attacker to upload malicious scripts. The publishers of Contact Form 7 have released an update to fix the vulnerability. An ...