[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-10091":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":50,"name":51,"published":52,"updated":34},10091,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":43,"epss_score":44,"epss_percentile":45,"cve":46,"in_cisa_catalog":48,"date":49,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"critical","Attackers may upload files of any type, bypassing all restrictions placed regarding the allowed upload-able file types on a website. Further, it allows an attacker to inject malicious content such as web shells.","The WordPress plugin Contact Form 7 is prone to an unrestricted file upload and remote code execution (RCE) vulnerability because a filename may contain special characters.","Update to version 5.3.2 or later.",[40,41,42],"https://contactform7.com/2020/12/17/contact-form-7-532/","https://www.getastra.com/blog/911/plugin-exploit/contact-form-7-unrestricted-file-upload/","https://www.jinsonvarghese.com/unrestricted-file-upload-in-contact-form-7/",10,0.90572,0.9961,[47],"CVE-2020-35489",false,"2020-12-17T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.145080","WordPress Contact Form 7 Plugin \u003C 5.3.2 RCE Vulnerability","2020-12-22T00:00:00Z"]