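# Detection template for CVE-2020-35489 (Contact Form 7 unrestricted file
# upload). It fingerprints the plugin version from readme.txt only and never
# touches the upload path, so a hit means "reported version is in the affected
# range", not "confirmed vulnerable".
# Caveats for triage: readme.txt may be blocked or deleted (missed hosts), and
# it may be stale relative to the plugin code actually deployed.
id: 2020-35489

info:
  name: WordPress Contact Form 7 Plugin - Unrestricted File Upload
  author: soyelmago
  # Severity mirrors the CVE, not the confidence of this version-based check.
  severity: critical
  reference:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35489
  tags: cve,cve2020,wordpress,plugin

requests:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"

    # All three matchers must hold: the file exists, it is the Contact Form 7
    # readme, and its declared version is in the affected range.
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Contact Form 7"
        condition: and
        part: body

      # The earlier form of this matcher searched the whole body for bare
      # version strings ("2.0.7" through "5.3.1") joined with `or`. Word
      # matchers are substring matches, so "5.3" also hit "5.3.2", "2.1" hit
      # "5.2.1", and any changelog entry naming an old release matched; in
      # practice nearly every Contact Form 7 readme was reported.
      # The check is now anchored on the readme's `Stable tag:` header line and
      # the whole version must match: 2.x-4.x, 5.0-5.2.x, 5.3, 5.3.0, 5.3.1,
      # which is the span the original list enumerated.
      # NOTE(review): upper bound is taken from the highest version in that
      # list; confirm it against the vendor advisory.
      - type: regex
        regex:
          - '(?mi)^Stable tag:[ \t]*(?:[2-4](?:\.\d+)+|5\.[0-2](?:\.\d+)?|5\.3(?:\.[01])?)[ \t\r]*$'
        condition: or
        part: body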