We just received notice from “WP Toolkit” about an “Arbitrary File Upload Vulnerability:
WP Toolkit has detected new vulnerabilities on WordPress sites under your care. It is strongly recommended to update or disable vulnerable assets on these sites. You can also configure WP Toolkit to perform automatic actions when vulnerabilities are detected.
Site Vulnerability
The following vulnerabilities need your attention because they have to be addressed manually:
xxxxx.com WordPress Contact Form 7 plugin <= 5.8.3 – Authenticated (Editor ) Arbitrary File Upload vulnerability
yyyyy.com WordPress Contact Form 7 plugin <= 5.8.3 – Authenticated (Editor ) Arbitrary File Upload vulnerability
zzzzz.com WordPress Contact Form 7 plugin <= 5.8.3 – Authenticated (Editor ) Arbitrary File Upload vulnerability
Automatic actions can be defined on the site autoupdate policy screen.
The system generated this notice on Friday, December 1, 2023 at 3:27:14 AM UTC.
“WPT::VulnerabilityFound” notifications are currently configured to have an importance of “Low”. You can change the importance or disable this type of notification in WHM’s Contact Manager at: https://wp03.optrics.net:2087/scripts2/editcontact?event=Application
Do not reply to this automated message.
The page I need help with: [log in to see the link]