CVE-2025-3515 | Drag and Drop Multiple File Upload for Contact Form 7 Plugin File Extension unrestricted upload

Inserito da Angelo Barbosa | Giu 17, 2025 | CVE

A vulnerability was found in Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to 1.3.8.9 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component File Extension Handler. The manipulation leads to unrestricted upload.

This vulnerability is handled as CVE-2025-3515. The attack may be launched remotely. There is no exploit available.

CVE-2025-3515 | Drag and Drop Multiple File Upload for Contact Form 7 Plugin File Extension unrestricted upload

Post correlati

CVE-2023-7161 | Netentsec NS-ASG Application Security Gateway 6.3.1 Login index.php check_VirtualSiteId sql injection

CVE-2025-1882 | i-Drive i11/i12 up to 20250227 Device Setting improper access control for register interface

CVE-2024-11622 | HPE Insight Remote Support prior 7.14.0.629 xml external entity reference

CVE-2025-2248 | WP-PManager Plugin up to 1.2 on WordPress cross-site request forgery