CVE-2023-0714

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. This allows unauthenticated visitors to perform a "double extension" attack and upload files containing a malicious extension but ending with a benign extension, which may make remote code execution possible in some configurations.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287	Product
https://plugins.trac.wordpress.org/changeset/2896914/	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*

History

28 Feb 2025, 22:37

Type	Values Removed	Values Added
CPE		cpe:2.3:a:wpmet:metform_elementor_contact_form_builder::::::wordpress::*
References	~~() https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287 -~~	() https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287 - Product
References	~~() https://plugins.trac.wordpress.org/changeset/2896914/ -~~	() https://plugins.trac.wordpress.org/changeset/2896914/ - Patch
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve -~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve - Third Party Advisory
First Time		Wpmet metform Elementor Contact Form Builder Wpmet

Information

Published : 2024-08-17 10:15

Updated : 2025-04-23 17:30

NVD link : CVE-2023-0714

Mitre link : CVE-2023-0714

CVE.ORG link : CVE-2023-0714

JSON object : View

Products Affected

wpmet

metform_elementor_contact_form_builder

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2023-0714", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-08-17T10:15:06.147", "references": [{"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/file-data-validation.php?rev=2746287", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/changeset/2896914/", "tags": ["Patch"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/697ce433-f321-4977-a2ad-68369d9ce9c3?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-434"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. This allows unauthenticated visitors to perform a \"double extension\" attack and upload files containing a malicious extension but ending with a benign extension, which may make remote code execution possible in some configurations."}, {"lang": "es", "value": "Metform Elementor Contact Form Builder para WordPress es vulnerable a la carga arbitraria de archivos debido a una validaci\u00f3n insuficiente del tipo de archivo en versiones hasta la 3.2.4 incluida. Esto permite a los visitantes no autenticados realizar un ataque de \"doble extensi\u00f3n\" y cargar archivos que contienen una extensi\u00f3n maliciosa pero que terminan con una extensi\u00f3n benigna, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo en algunas configuraciones."}], "lastModified": "2025-04-23T17:30:05.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "3683BA08-5228-44D7-A2B6-2242690EA7BA", "versionEndExcluding": "3.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}