Aug08
0

Critical Vulnerability Disclosed on WordPress Custom Contact Forms Plugin

Uncategorized Share this post

If you’re a using the Custom Contact Forms WordPress plugin, you need to update it right away.

During a routine audit for our WAF, we found a critical vulnerability that allows an attacker to download and modify your database remotely (no authentication required).

The vulnerability was disclosed to the plugin developer a few weeks ago, they were unresponsive. The developers were unresponsive so we engaged the WordPress Security team. They were able to close the loops with the developer and get a patch released, you might have missed it:

Read more here or call us for a free assessment of your website’s state of (in)security – Frank 403-291-9811

Leave a Reply

Your email address will not be published. Required fields are marked *