CVE-2025-14842 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin unrestricted upload

Inserito da Angelo Barbosa | Gen 7, 2026 | CVE

A vulnerability was found in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to 1.3.9.2 on WordPress. It has been rated as critical. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in unrestricted upload.

This vulnerability is identified as CVE-2025-14842. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-14842 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin unrestricted upload

Post correlati

CVE-2024-38892 | Wavlink WN551K1 ExportAllSettings.sh information disclosure

CVE-2024-33865 | linqi up to 1.4.0.0 on Windows /api/Cdn/GetFile information disclosure

CVE-2024-44952 | Linux Kernel up to 6.10.4 uevent_show deadlock

CVE-2023-51489 | Automattic Crowdsignal Dashboard Plugin up to 3.0.11 on WordPress cross-site request forgery