Sh1zen Multi Uploader For Gravity Forms
2 CVEs affecting Sh1zen Multi Uploader For Gravity Forms. Latest disclosed: 2025-12-12. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-14344 | Critical | 9.8 | 2025-12-12 | The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'plupload_aj… |
CVE-2025-23921 | Critical | 9.0 | 2025-01-22 | Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web S… |