Vulnerabilities > CVE-2018-20979 - Unspecified vulnerability in Rocklobster Contact Form 7

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

NVD

Published: 2019-08-22

Updated: 2020-08-24

Summary

The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.

Part	Description	Count
Application	Rocklobster Rocklobster Contact Form 7 - Rocklobster Contact Form 7 3.6 Rocklobster Contact Form 7 3.7 Rocklobster Contact Form 7 3.7.1 Rocklobster Contact Form 7 3.7.2 Rocklobster Contact Form 7 5.0 Rocklobster Contact Form 7 5.0.1 Rocklobster Contact Form 7 5.0.2 Rocklobster Contact Form 7 5.0.3	9