-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Sat, Apr 20, 2019 at 07:22:25AM +0300, Panagiotis Vagenas wrote: > # Exploit Title: Contact Form Builder [CSRF → LFI] > # Date: 2019-03-17 > # Exploit Author: Panagiotis Vagenas > # Vendor Homepage: http://web-dorado.com/ > # Software Link: https://wordpress.org/plugins/contact-form-builder > # Version: 1.0.67 > # Tested on: WordPress 5.1.1
MITRE assigned CVE-2019-11557 for this vulnerability. - -- Henri Salo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAlzDe4kACgkQJ633pE6q dXRxjg//V58vQe1Qy9ziON4Z3fPFeN+i/GT2qBh1e3HLcfEzwblGmTPHMF1yIU1/ bLrvA+s1DcWVz060S0Mlf9F2pFH2OFiAgttcl6zNsQQjU3SihXmA5FlCPUJrhOXP 1rMAf4zV7nUFpNnERe9ucx+RP3/F3yH8ncnSLzXPciL+z/Ro66hEUkyCoDhIL52m UH7no3XMFPXtg514Fk5o9THmGCVRApp+JTMfdi/eFQlFNYUDOsmX8KD8PoaYTAT6 sKpzfJ/wVc5PKEsXbi5O/k5S08R8OoKlGQ+hzQFU35Eoprpdn0H+IZtC6Ft6wQyQ b5CfU/7D6F2pDBvl2GUZPHBg1iwLOiBLIJl+YHBoFMOI+wiJeonwJ7JEml/uhv3O 7parMoY8GWgqNUl1L23fiMXzllhMWbbTV0Gin14EKsFC/dOPmlHRmrnRkZO0EeWm 6XpaZbnyTKVzLDF7JnnkB0uBXxL83ARem/tP0Gdt/zQsvzEtkC6mRnpelY2O/2fy 9ylqYenDzLHJ6+EM2PVGGQJjuyuPAsgrrcmkj7td09nF45J6aGcFOr7GcdyXeTXI n0mNtl0fjjjAi6HZg4MM3gHZ7sbWESNq92ePxNwj7KhVWyTSb67nbkObs2g59B09 bK56Pf4h3nVupTdCvFXlerADSFhsQrQxR1Q8zWPjjgaW+4b03Jc= =00mC -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
