Ultimate Addons for Contact Form 7 Arbitrary File Upload Vulnerability

Vulnerability

A vulnerability exists in the Ultimate Addons for Contact Form 7 WordPress plugin, in versions through 3.5.12, that allows authenticated users with Administrator-level access to upload arbitrary files. The issue arises from inadequate file-type validation in the 'save_options' function and can lead to remote code execution.

Impact

Exploitation of this vulnerability allows arbitrary file uploads; whether an uploaded file can then be executed as code depends on its file type and on the server's execution context.

Reproduction

To reproduce this vulnerability, log into the WordPress admin panel and navigate to 'Ultimate Addons -> Settings'. Intercept the 'save_options' POST request with a tool such as Burp Suite and append file data, including a web shell named 'shell.php', to the request. After the modified request is forwarded, the response indicates a successful upload, and the uploaded web shell can then be accessed and executed.

Remediation

Users are advised to update the Ultimate Addons for Contact Form 7 plugin to version 3.5.13 or later.
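The root cause described under 'Vulnerability' is a settings handler that accepts an upload without checking its type on the server, and the fix is the vendor's update. The following PHP is an added illustration, not the plugin's own code: it places the weak pattern (trusting the client-supplied MIME type and filename) beside a hardened check that allow-lists extensions, sniffs the file content with finfo, requires the two to agree, and never stores the file under its original name. All function and constant names (demo_weak_check, demo_hardened_check, demo_run, DEMO_ALLOWED_TYPES) are hypothetical, and the files it checks are constructed on the fly rather than taken from a real request.

```php
<?php
// Added example, not the plugin's code. All names below are hypothetical.
// Demonstrates allow-list upload validation of the kind a settings handler
// needs, beside the weak pattern that trusts client-supplied data.

const DEMO_ALLOWED_TYPES = array(
    'png'  => 'image/png',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'gif'  => 'image/gif',
);

// Weak pattern: the MIME type and the filename both come from the multipart
// body, so the client chooses them. A PHP file sent as "image/png" passes.
function demo_weak_check( string $name, string $client_mime ): bool {
    return strpos( $client_mime, 'image/' ) === 0;
}

// Hardened pattern: extension allow-list, server-side content sniffing, and
// agreement between the two. Returns ['ok' => true, 'stored_as' => ...] or
// ['ok' => false, 'reason' => ...].
function demo_hardened_check( string $name, string $path, array $allowed = DEMO_ALLOWED_TYPES ): array {
    $ext = strtolower( pathinfo( basename( $name ), PATHINFO_EXTENSION ) );
    if ( $ext === '' || ! isset( $allowed[ $ext ] ) ) {
        return array( 'ok' => false, 'reason' => "extension not allowed: '$ext'" );
    }

    // Sniff the actual bytes; libmagic reports "text/x-php" for PHP source,
    // so a PHP payload renamed to .png is caught here.
    $finfo   = finfo_open( FILEINFO_MIME_TYPE );
    $sniffed = $finfo ? finfo_file( $finfo, $path ) : false;
    if ( $finfo ) {
        finfo_close( $finfo );
    }
    if ( $sniffed !== $allowed[ $ext ] ) {
        return array(
            'ok'     => false,
            'reason' => 'content is ' . var_export( $sniffed, true ) . ", expected {$allowed[$ext]}",
        );
    }

    // Never keep the client's name: a generated name with the validated
    // extension removes double-extension tricks and path characters.
    return array( 'ok' => true, 'stored_as' => bin2hex( random_bytes( 8 ) ) . '.' . $ext );
}

// Stand-alone demonstration on constructed files (no real upload involved).
function demo_run(): array {
    $png = tempnam( sys_get_temp_dir(), 'demo' );
    file_put_contents( $png, "\x89PNG\r\n\x1a\n" . str_repeat( "\0", 16 ) ); // constructed PNG header
    $php = tempnam( sys_get_temp_dir(), 'demo' );
    file_put_contents( $php, "<?php echo 'x'; ?>" );                          // constructed PHP source

    $results = array(
        'weak, php sent as image/png' => demo_weak_check( 'shell.php', 'image/png' ), // true: bypassed
        'hardened, real png'          => demo_hardened_check( 'logo.png', $png ),     // ok
        'hardened, php extension'     => demo_hardened_check( 'shell.php', $php ),    // rejected: extension
        'hardened, php renamed .png'  => demo_hardened_check( 'shell.png', $php ),    // rejected: content
    );

    unlink( $png );
    unlink( $php );
    return $results;
}

foreach ( demo_run() as $label => $result ) {
    echo $label, ': ', json_encode( $result ), PHP_EOL;
}
```

In a real WordPress handler the request layer should, before any of this, verify the caller with current_user_can() and the request with check_admin_referer(); the type check itself can be delegated to wp_check_filetype_and_ext(), which performs the same extension-versus-content agreement against the site's allowed MIME list. The allow-list should hold only the types the settings page genuinely needs, and the check applies regardless of the caller's role, since the vulnerability above is reachable by Administrators.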

Added: Jun 18, 2025, 12:49 PM
Updated: Jun 18, 2025, 12:49 PM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 7.5
exploitability: 6.3
remediation: 7.7
relevance: 0.2
threat: 6.5
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.