Lucene search
K

6 matches found

GithubExploit
GithubExploit
added 2025/09/03 9:43 a.m.290 views

Exploit for Unrestricted Upload of File with Dangerous Type in Codedropz Drag_And_Drop_Multiple_File_Upload_-_Contact_Form_7

CVE-2025-3515 WordPress Lab Drag and Drop Multiple File Uploa...

9.8CVSS7.7AI score0.0509EPSS
Exploits2
Circl
Circl
added 2025/06/17 9:41 a.m.35 views

CVE-2025-3515

creationtimestamp| type| source ---|---|--- 2025-06-17 09:41:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18573 2025-06-17 10:01:14+00:00| published-proof-of-concept| Telegram/ONimq940-aml-ziaQNnPitR2a4dvARau7ekaKGXqYn5E4A 2025-06-17 11:03:08+00:00| seen|...

9.8CVSS6.1AI score0.0509EPSS
Exploits2References16
Vulnrichment
Vulnrichment
added 2025/06/17 9:21 a.m.9 views

CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

8.1CVSS8.6AI score0.0509EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/06/17 9:21 a.m.42 views

CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

8.1CVSS0.0509EPSS
Exploits2References3
CVE
CVE
added 2025/06/17 9:21 a.m.226 views

CVE-2025-3515

CVE-2025-3515 affects the WordPress plugin “Drag and Drop Multiple File Upload for Contact Form 7” (versions ≤ 1.3.8.9). Affected component: inc/dnd-upload-cf7.php (function dnd_upload_cf7_upload). Root cause: insufficient file-type validation enabled by a blacklist bypass, allowing unauthenticat...

9.8CVSS8.6AI score0.0509EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2025/06/17 7:49 a.m.18 views

WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks vulnerability

Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks vulnerability discovered by mikemyers in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.8.9...

9.8CVSS6.7AI score0.0509EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder