Vulnerabilities in glenwpcoder
15 resultsCVE-2025-3515HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist ChecksEPSS 5.1%CVE-2026-5718HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist BypassEPSS 4.2%CVE-2025-4403CRITICALDrag and Drop Multiple File Upload for WooCommerce <= 1.1.6 - Unauthenticated Arbitrary File Upload via upload FunctionEPSS 1.8%CVE-2023-5822HIGHDrag and Drop Multiple File Upload - Contact Form 7 <= 1.3.7.3 - Unauthenticated Arbitrary File UploadEPSS 1.8%CVE-2025-2941CRITICALDrag and Drop Multiple File Upload for WooCommerce <= 1.1.4 - Unauthenticated Arbitrary File MoveEPSS 1.4%CVE-2025-2328HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.7 - Unauthenticated Arbitrary File DeletionEPSS 0.9%CVE-2026-5710HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Limited Arbitrary File Read via mfile FieldEPSS 0.7%CVE-2025-8464MEDIUMDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.0 - Directory Traversal via `wpcf7_guest_user_id` CookieEPSS 0.7%CVE-2024-3717MEDIUMDrag and Drop Multiple File Upload – Contact Form 7 <= 1.3.7.7 - Sensitive Information ExposureEPSS 0.7%CVE-2026-3459HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.5 - Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2025-2485HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.7 - Unauthenticated PHP Object Injection via PHAR to Arbitrary File DeletionEPSS 0.5%CVE-2024-12267MEDIUMDrag and Drop Multiple File Upload – Contact Form 7 <= 1.3.8.5 - Limited Arbitrary File DeletionEPSS 0.3%CVE-2025-14842MEDIUMDrag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.2 - Unauthenticated Limited Arbitrary File UploadEPSS 0.3%CVE-2026-8991MEDIUMDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'drag_n_drop_text' and 'drag_n_drop_browse_text' SettingsEPSS 0.2%CVE-2025-14457LOWDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.2 - Missing Authorization to Unauthenticated File DeletionEPSS 0.2%