Contact Form 7, arguably the most widely used WordPress plugin, released a security patch for an unrestricted file upload vulnerability in all versions 5.3.1 and lower. The WordPress plugin directory lists 5+ million sites using Contact Form 7, but we estimate that it has at least 10 million installations.

For more information about this issue, visit our friends at WordFence to read the full article HERE