Last week Takayuki Miyoshi released a new version of his popular Contact Form 7 plugin. Installed on more than 5 million sites across the internet, the latest update patches a security vulnerability that enables a form submitter to bypass the filename sanitisation and upload a file which can then be executed on the server.
It is highly recommended that all sites update to v.5.3.2 immediately.
Need help to keep your WordPress site up to date and secure? Check out our WordPress Care Plans.