5M WordPress Sites Running the Contact Form 7 Plugin are Open to Attack

A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin.
This post appeared first on ThreatPost – The First Stop for Security News
Author: Tom Spring