Austin Martin - Security Researcher - Exploit Intelligence Platform

CVE-2020-12800 NOMISEC CRITICAL WORKING POC

Wordpress Drag and Drop Multi File Uploader RCE

The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.

27 stars

CVSS 9.8

View Code

CVE-2020-12800 METASPLOIT CRITICAL ruby WORKING POC

Wordpress Drag and Drop Multi File Uploader RCE

The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.

CVSS 9.8

View Code

EIP-2026-113692 EXPLOITDB text WORKING POC

WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution

View Code