Description
WordPress Plugin Contact Form 7 is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Contact Form 7 version 5.0.3 is vulnerable; prior versions are also affected.
Remediation
Update to plugin version 5.0.4 or latest
References
Related Vulnerabilities
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-9787)
Oracle Database Server Other Vulnerability (CVE-2006-0551)
WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
WordPress Plugin WP Glossary 'ajax.php' SQL Injection (0.1)
Oracle Application Server CVE-2008-2589 Vulnerability (CVE-2008-2589)