10 Sep

Vulnerability Details: Authenticated Arbitrary File Viewing Vulnerability in Contact Form 7

This Vulnerability Details post about a vulnerability in the plugin Contact Form 7 provides the details of a vulnerability we ran across while collecting data on vulnerabliities discovered by others for our data set on vulnerabilities in WordPress plugins, so its contents are limited to customers of our service. If you are not currently a customer, you can sign up for free here. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.

[Read more]

09 Oct

Google Not Always Providing Really Relevant Results When Searching For WordPress Plugin Vulnerabilities

In looking at recent traffic from Google coming to our website by way of the Search Analytics portion of Google’s Search Console we noticed that for three of the top five sources of clicks to our website relate to something we don’t have any really relevant content for. The queries all relate to the plugin Contact Form 7:

[Read more]