CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6316

The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.0.6. This is due to missing nonce validation and missing file type validation in the 'wp_cf7_pdf_dashboard_html_page' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.7%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2024-6316

Zealousweb » Generate Pdf Using Contact Form 7 » Version: N/A

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:-
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.0

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.0
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.1

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.1
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.2

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.2
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.3

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.3
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.4

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.4
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.5

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.5
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.6

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.6
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.7

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.7
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.8

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.8
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.1

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.1
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.2

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.2
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.3

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.3
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.4

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.4
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.5

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.5
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.6

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.6
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.7

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.7
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.8

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.8
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 1.9.9

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:1.9.9
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.0

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.0
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.1

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.1
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.10

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.10
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.11

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.11
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.2

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.2
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.3

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.3
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.4

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.4
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.5

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.5
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.6

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.6
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.7

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.7
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.8

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.8
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 2.9

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:2.9
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.0

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.0
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.1

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.1
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.10

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.10
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.2

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.2
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.3

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.3
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.4

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.4
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.6

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.6
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.7

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.7
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.8

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.8
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 3.9

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:3.9
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.1

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.1
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.2

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.2
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.3

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.3
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.4

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.4
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.5

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.5
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.6

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.6
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.7

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.7
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.8

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.8
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.0.9

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.0.9
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.1.0

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.1.0
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.1.1

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.1.1
Zealousweb » Generate Pdf Using Contact Form 7 » Version: 4.1.2

cpe:2.3:a:zealousweb:generate_pdf_using_contact_form_7:4.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6316

Products

Pricing

Contact Us