CVE-2026-5718 Scanner
CVE-2026-5718 Scanner - Remote Code Execution vulnerability in Drag and Drop Multiple File Upload for Contact Form 7
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
2 weeks 5 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
This scanner focuses on the Drag and Drop Multiple File Upload plugin for Contact Form 7, a widely-used WordPress plugin developed to enhance contact form functionalities by allowing multiple file uploads through drag-and-drop actions. The software is commonly used by website administrators and developers who leverage WordPress for building and managing websites. This plugin integrates with the Contact Form 7 platform, facilitating seamless file interactions as part of form submission processes. It is designed to cater to users requiring robust and flexible contact form solutions, offering enhanced user experience through its drag-and-drop file feature. As part of the WordPress ecosystem, it is extensively utilized across various industries, serving small to large enterprises aiming for efficient form handling.
The vulnerability addressed by this scanner is a Remote Code Execution (RCE) issue arising from the Drag and Drop Multiple File Upload plugin for Contact Form 7. The flaw involves insufficient file validation checks, allowing unauthenticated attackers to upload arbitrary files, including malicious ones, to the server. The vulnerability is exacerbated by inadequate filename sanitization mechanisms, particularly with non-ASCII characters. As a result, this allows attackers to bypass security measures and execute unauthorized code remotely. This vulnerability represents a critical security risk, potentially leading to severe implications for affected systems if not addressed promptly.
Technical details of the vulnerability reveal that it stems from the plugin's handling of file uploads, specifically the content-type application/octet-stream used during file submission. Affected endpoints include those responsible for handling multipart form data containing malicious file payloads. By exploiting weak nonce protection strategies and taking advantage of an attacker-controlled 'upload-file' field, unauthorized code execution becomes feasible. The template employs numerous HTTP requests and response verification steps to ascertain successful exploitation, with matchers confirming payload delivery and file execution paths.
Successful exploitation of this vulnerability allows threat actors to take full control of the web server hosting the vulnerable plugin. Potential effects include unauthorized access to sensitive information or databases, defacement or modification of website content, and use of the compromised server to launch further attacks. Attackers may implant persistent backdoors, leading to long-term access and seriously compromising the confidentiality, integrity, and availability of hosted content and data.
REFERENCES
