VYPR
Critical severity10.0NVD Advisory· Published Dec 17, 2020· Updated Jun 17, 2026

CVE-2020-35489

CVE-2020-35489

Description

The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.