Skip to main content

Vulnerability in Contact Form 7 Datepicker

High Severity Vulnerability Leads to Closure of Plugin with Over 100,000 Installations


On April 1, 2020, the Wordfence Threat Intelligence team discovered a stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Datepicker, a WordPress plugin installed on over 100,000 sites. As the plugin developer’s github page indicated that the plugin was no longer being maintained, we contacted the WordPress plugins team with our disclosure, and they immediately removed the plugin from the repository for review. We also contacted the plugin’s developer and received a response verifying that they had no plans to maintain it and were satisfied with removing the plugin from the repository.
All Wordfence users, including Wordfence free and Wordfence Premium users, are protected from this vulnerability by the Wordfence Firewall’s built-in XSS protection. Nonetheless, we strongly recommend deactivating and removing this plugin.



Description: Authenticated Stored Cross-Site Scripting(XSS)
Affected PluginContact Form 7 Datepicker
Plugin Slug: contact-form-7-datepicker
Affected Versions: <= 2.6.0
CVE ID: Will be updated once identifier is supplied.
CVSS Score: 7.4(High)
CVSS VectorCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Fully Patched Version: N/A
The Contact Form 7 Datepicker plugin allows users to add a datepicker to forms generated by Contact Form 7, and it includes the ability to modify settings for these datepickers. In order to process these settings, it registered an AJAX action calling a function that failed to include a capability check or a nonce check. As such, it was possible for a logged-in attacker with minimal permissions, such as a subscriber, to send a crafted request containing malicious JavaScript which would be stored in the plugin’s settings.
The next time an authorized user created or modified a contact form, the stored JavaScript would be executed in their browser, which could be used to steal an administrator’s session or even create malicious administrative users.

What should I do?

Although all sites running the Wordfence Web Application Firewall should be protected against this vulnerability, we strongly recommend deactivating and removing the Contact Form 7 Datepicker plugin if it is installed on your site. If your site is running Wordfence, the scanner should alert you if any of your plugins are vulnerable, or have been removed from the WordPress repository. As the Contact Form 7 Datepicker plugin is no longer being maintained, it will likely not ever be patched, so it may be wise to search for an alternative plugin with similar functionality.
Due to the number of sites affected by this plugin’s closure, we are intentionally providing minimal details about this vulnerability to prevent widespread exploitation. We will continue to monitor the situation and provide more details in a future update.
Labels:

Comments

Post a Comment

Popular posts from this blog

5 ways to make better and impressive meetings

Meetings come in all shapes and sizes. There are board meetings, stakeholder meetings, staff meetings, sales meetings — the list is endless. But no matter the purpose, every meeting has one thing in common: how clients, customers and stakeholders perceive you can directly determine the outcome. Months of hard work and tireless effort could all go to waste if you aren’t able to pitch an audience your company’s latest idea, project or venture. Here are five ways to run a successful business meeting and ensure you always leave a positive impression. 1. Measure the mood. If you want your meeting attendees to leave impressed, make sure you exceed their expectations. One way of going above and beyond — without anyone even realizing it — is to take a mental note of the mood of each person as they arrive and sit down. Use a basic scale of 1–10; the lower the number, the more unhappy or irritated the person appears. Then use that information to tailor your actions throughout the meetin
Post a Comment
Read more

Tappay payment gateway integration woocommerce

TapPay  offers fast  payment  flow integration, allowing your customers to  pay  with a click of a button instead of redirecting to other websites, in this article you will see how you can integrate  Tappay payment gateway with woocommerce . how you get  Tappay payment gateway woocommerce module and integrate it. When it comes to data security,  TapPay is also very safe and reliable . TapPay provides friendly and flexible payment service, which allows citiesocial users to enjoy wonderful shopping experience.It has a significant impact on improving e-commerce conversion rate and lower operation cost. Tappay payment gateway integration woocommerce Tappay payment gateway integration woocommerce Integrated Payments Exclusive Cross-site modules for seamless checkout experiences Tokenized card management, Card-Free experience and self-updating card expiration dates TapPay is compatible with multiple payment method and E-wallet, including Apple Pay / Google Pay / Samsung Pay / LINE Pay / JKOP
Post a Comment
Read more

Icici eazypay Payment gateway integration with woocommerce plugin php module

Icici eazypay Payment gateway integration with woocommerce plugin php module Icici eazypay Payment gateway integration with woocommerce plugin php module,  What is the icici eazypay? eazypay lets you pay your bills conveniently, be it your education, housing society maintenance or any other bills. You can pay your bills using Cash Deposit, Cheque Deposit, RTGS, NEFT, Net Banking or Cards. Why eazypay? Search bills with your registered  Mobile Number/Email ID Enjoy multiple payment options Get reminder before due date Pay from any of your Bank Accounts Pay bills of large number of Institutions Get e-Receipts for payments made Icici eazypay Payment gateway integration with woocommerce plugin php module Eazypay is a single platform for multiple collection modes which facilitates single Management Information System (MIS) reconciliation for all collection modes. It has a plug and play implementation and enhances speed of collection. Eazypay is
1 comment
Read more