CVE-2023-0714

HIGH

Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Arbitrary File Upload via Double Extension Bypass

Title source: llm

Description

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. This allows unauthenticated visitors to perform a "double extension" attack and upload files containing a malicious extension but ending with a benign extension, which may make remote code execution possible in some configurations.

References (3)

Core 3

Core References

Product

https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287

Patch

https://plugins.trac.wordpress.org/changeset/2896914/

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve

Scores

CVSS v3 8.1

EPSS 0.0096

EPSS Percentile 56.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-434

Status published

Products (2)

roxnor/MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor < 3.2.4

wpmet/metform_elementor_contact_form_builder < 3.3.0

Published Aug 17, 2024

Tracked Since Feb 18, 2026