Glenwpcoder Drag And Drop Multiple File Upload For Contact Form 7
12 CVEs affecting Glenwpcoder Drag And Drop Multiple File Upload For Contact Form 7. Latest disclosed: 2026-04-17. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-2328 | High | 8.8 | 2025-03-28 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validatio… |
CVE-2026-5718 | High | 8.1 | 2026-04-17 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.7… |
CVE-2026-3459 | High | 8.1 | 2026-03-05 | The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation i… |
CVE-2025-3515 | High | 8.1 | 2025-06-17 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation… |
CVE-2023-5822 | High | 8.1 | 2023-11-22 | The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation i… |
CVE-2026-5710 | High | 7.5 | 2026-04-17 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary File Read in versions up to… |
CVE-2025-2485 | High | 7.5 | 2025-03-28 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3… |
CVE-2025-14842 | Medium | 6.1 | 2026-01-07 | The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited upload of files with a dangerous type in all versions up… |
CVE-2025-8464 | Medium | 5.3 | 2025-08-16 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9… |
CVE-2024-12267 | Medium | 5.3 | 2025-01-31 | The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited arbitrary file deletion due to insufficient file path val… |
CVE-2024-3717 | Medium | 5.3 | 2024-05-02 | The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and includi… |
CVE-2025-14457 | Low | 3.7 | 2026-01-15 | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership ch… |