Medium severity4.9NVD Advisory· Published Feb 28, 2022· Updated Jun 17, 2026
CVE-2021-24689
CVE-2021-24689
Description
The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=1.0.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/31824250-e0d4-4285-97fa-9880b363e075nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.