5 matches found
CVE-2025-14457
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership check in the dndcodedropzuploaddelete function in all versions up to, and including, 1.3.9.2. This makes it possible for unauthenticated...
CVE-2025-14457 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.2 - Missing Authorization to Unauthenticated File Deletion
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership check in the dndcodedropzuploaddelete function in all versions up to, and including, 1.3.9.2. This makes it possible for unauthenticated...
CVE-2025-14457 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.2 - Missing Authorization to Unauthenticated File Deletion
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership check in the dndcodedropzuploaddelete function in all versions up to, and including, 1.3.9.2. This makes it possible for unauthenticated...
CVE-2025-14457
CVE-2025-14457 affects the Drag and Drop Multiple File Upload for Contact Form 7 (WordPress) plugin. The root cause is a missing ownership check in dnd_codedropz_upload_delete(), allowing unauthenticated users to delete arbitrary uploaded files when the \
PT-2026-2983
Name of the Vulnerable Software and Affected Versions Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress versions up to and including 1.3.9.2 Description The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is susceptible to unauthorized...