A WordPress plugin with more than five million active installs has issued an urgent update in an effort to patch a critical file upload vulnerability.
The plugin, Contact Form 7, allows users to add multiple contact forms to their site, but was recently found to contain a serious vulnerability by Astra security researchers.
The vulnerability is being tracked as CVE-2020-35489 and a patch has been included within the Contact Form 7 5.3.2 update. The Contact Form 7 project has classified the update as “an urgent security and maintenance release” and advised users to install it immediately.
“Our research team led by Jinson Varghese recently discovered a high-severity Unrestricted File Upload vulnerability in the WordPress plugin Contact Form 7 5.3.1 and older versions,” the Astra blog explained.
“By exploiting this vulnerability, attackers could simply upload files of any type, bypassing all restrictions placed regarding the allowed uploadable file types on a website. Further, it allows an attacker to inject malicious content such as web shells into the sites that are using the Contact Form 7 plugin version below 5.3.1 and have file upload enabled on the forms.”
The vulnerability concerns a particular part of the Contact Form 7 plugin code that does not remove special characters from uploaded file names. As a result, an attacker can upload a file whose name carries a double extension separated by a special character, so the name passes the plugin's extension check while the server may still treat the file as a script. This could potentially allow an attacker to execute arbitrary code on the victim’s server.
The patched version of Contact Form 7 includes a regular expression validation constraint that means that special characters cannot be exploited in the aforementioned way.
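The filename-sanitising pattern the article describes, as an added illustration that is not the Contact Form 7 plugin's own code: the page only says the fix adds a regular expression validation constraint, so the exact rule below (strip every Unicode control/format character, refuse any segment that a web server might execute, require the final extension to be on an allowlist, and turn any remaining inner dots into underscores) is an assumed defensive implementation. The `ALLOWED_EXTENSIONS` and `SERVER_EXECUTABLE` sets are assumptions as well; a real deployment would take them from its own upload policy.

```python
import re
import unicodedata
from typing import Optional

# Assumed policy values, not taken from the plugin.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf", "txt"}
# Extensions a typical web server may hand to an interpreter instead of serving as data.
SERVER_EXECUTABLE = {
    "php", "phtml", "php3", "php4", "php5", "phar",
    "cgi", "pl", "py", "sh", "asp", "aspx", "jsp",
}


def strip_special_characters(name: str) -> str:
    """Remove control, format and other non-printable characters from a filename.

    Unicode categories beginning with 'C' (Cc, Cf, Cs, Co, Cn) cover ASCII control
    characters, NUL, zero-width/format characters and unassigned code points, which
    is exactly what lets "name.php<special>.jpg" read as a harmless ".jpg" upload.
    """
    return "".join(ch for ch in name if not unicodedata.category(ch).startswith("C"))


def sanitize_upload_name(raw_name: str) -> Optional[str]:
    """Return a safe filename, or None if the upload must be rejected."""
    # 1. Drop any directory component (either separator) so the name stays in the upload dir.
    name = raw_name.replace("\\", "/").rsplit("/", 1)[-1]

    # 2. Strip special characters before looking at extensions, so a hidden second
    #    extension becomes visible to the checks that follow.
    name = strip_special_characters(name)

    # 3. Collapse anything outside a conservative character set and trim stray dots/underscores.
    name = re.sub(r"[^A-Za-z0-9._-]", "_", name).strip("._")
    if not name or "." not in name:
        return None

    stem, *inner, ext = name.split(".")
    ext = ext.lower()

    # 4. Refuse a server-executable extension wherever it appears, not just at the end.
    if any(seg.lower() in SERVER_EXECUTABLE for seg in [*inner, ext]):
        return None

    # 5. The final extension must be explicitly allowed.
    if ext not in ALLOWED_EXTENSIONS:
        return None

    # 6. Neutralise remaining inner dots so exactly one extension survives.
    return "_".join([stem, *inner]) + "." + ext


if __name__ == "__main__":
    # Constructed sample names for a quick manual run.
    for candidate in ["photo.JPG", "my.report.pdf", "invoice.php\x00.pdf", "script.php", "archive.zip"]:
        print(repr(candidate), "->", sanitize_upload_name(candidate))
```

The order of the steps matters: stripping special characters has to happen before the extension checks, otherwise the inner segment still carries the special character and a naive list lookup misses it. Rejecting the upload outright when an executable extension appears anywhere in the name is stricter than renaming; either is defensible, but the strict form is easier to reason about and to log.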
Other double-extension vulnerabilities have been seen elsewhere this year, including one affecting the Drupal CMS platform – a WordPress rival that is used by more than a million websites.