Generate PDF using Contact Form 7 <= 4.0.6 - Cross-Site Request Forgery to Arbitrary File Deletion
CVE-2024-6317
8.8 HIGH
Key Information:
- Vendor: WordPress
- CVE Published: 9 July 2024
Summary
The Generate PDF using Contact Form 7 plugin for WordPress contains a Cross-Site Request Forgery vulnerability that enables unauthorized file uploads and deletions. The issue arises from the absence of nonce validation, combined with insufficient validation of file paths during file operations, in the 'wp_cf7_pdf_dashboard_html_page' function. As a result, an unauthenticated attacker who tricks an administrator into clicking a malicious link can delete critical files such as wp-config.php, potentially leading to full site compromise and remote code execution.
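The two weaknesses the summary names (a state-changing admin action with no nonce check, and a file path taken from the request without containment) are a common WordPress pattern, and the fix for both is mechanical. The following is an added illustration written for this page, not the plugin's own code or the vendor's patch: every function name, query parameter, nonce action and directory name in it is hypothetical. It contrasts an unsafe delete handler with a hardened one that checks the nonce, checks the caller's capability, and resolves the requested name inside a fixed directory before deleting anything.

```php
<?php
// Added illustration of the weakness class described above. NOT the plugin's
// code: all names here (functions, query args, nonce action, directory) are
// hypothetical placeholders.

// Hypothetical unsafe pattern: reaching the admin page callback is the only
// gate before unlink(), so a forged link from another site deletes the file.
function hypothetical_unsafe_delete_handler() {
    if ( isset( $_GET['delete_file'] ) ) {
        $file = $_GET['delete_file']; // attacker-controlled, may contain ../
        unlink( $file );              // no nonce, no capability, no path check
    }
}

// Hardened form: nonce (anti-CSRF) + capability (authorisation) + path containment.
function hypothetical_hardened_delete_handler() {
    if ( ! isset( $_GET['delete_file'] ) ) {
        return;
    }

    // 1. CSRF protection: the request must carry a nonce tied to this action.
    //    check_admin_referer() stops the request if the nonce is missing or invalid.
    check_admin_referer( 'hypothetical_pdf_delete', '_wpnonce' );

    // 2. Authorisation: an authenticated session alone is not enough.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.', 'hypothetical-textdomain' ), 403 );
    }

    // 3. Path validation: accept only a bare file name and resolve it inside
    //    the one directory this feature is allowed to manage.
    $upload = wp_upload_dir();
    $base   = realpath( trailingslashit( $upload['basedir'] ) . 'hypothetical-pdf-dir' );
    $name   = sanitize_file_name( wp_unslash( $_GET['delete_file'] ) );
    $target = $base ? realpath( $base . '/' . basename( $name ) ) : false;

    // realpath() resolves symlinks and ../ segments, so the prefix test below
    // is a real containment check, not a string comparison on raw input.
    if ( false === $base || false === $target
        || 0 !== strpos( $target, $base . DIRECTORY_SEPARATOR )
        || ! is_file( $target ) ) {
        wp_die( esc_html__( 'Invalid file.', 'hypothetical-textdomain' ), 400 );
    }

    wp_delete_file( $target );
}

// The delete link must be generated with the matching nonce so legitimate
// admin clicks pass check_admin_referer() while cross-site forgeries do not.
function hypothetical_delete_link( $file_name ) {
    $url = add_query_arg(
        array(
            'page'        => 'hypothetical-pdf-page',
            'delete_file' => rawurlencode( $file_name ),
        ),
        admin_url( 'admin.php' )
    );
    return wp_nonce_url( $url, 'hypothetical_pdf_delete', '_wpnonce' );
}
```

The nonce alone closes the CSRF vector described in the summary; the containment check is what stops a request for a name like `../../wp-config.php` from reaching the deletion call even when the nonce is valid. Both checks are independent and a reviewer auditing a handler of this kind should expect to find both.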
Affected Version(s)
Generate PDF using Contact Form 7 * <= 4.0.6
CVSS V3.1
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Timeline
Vulnerability published
Credit
István Márton