Vulnerability has been discovered in ContactForm7 5.3.1 and older versions. It allows to an attacker to upload unrestricted files(malicious script) that can be used to take over a site, tamper with a database and so on.
What can be happen?
How to Fix?
Read More : http://techblog.domains.lk/2020/12/contact-form-7-unrestricted-file-upload.html
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7rWnQK33U6umQu2jo7DMu8opSoUbILMfYbt3psT9je7spB2hbI0uxK3PeosIjkYnqDGLYzYnjjSI2tmeFh8_nxO8g04NyfrsgNvfODi-KOvHmtID2aLr7BxuX0oCO2Joa1qcVrVe1nsA/s320/titleimage.png)