7 matches found
Exploit for CVE-2026-5718
CVE-2026-5718 Local Docker Lab Local-only vulnerable vs patch...
WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin <= 1.3.9.6 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass vulnerability
Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.9.6...
EUVD-2026-23459
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.6. This is due to insufficient file type validation that occurs when custom blacklist types are configured, which replaces the default...
EUVD-2026-23458
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary File Read in versions up to and including 1.3.9.6. This is due to the plugin using client-supplied mfile POST values as the source of truth for email attachment...
CVE-2026-5718 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.7 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.7. This is due to insufficient file type validation that occurs when custom blacklist types are configured, which replaces the default...
CVE-2026-5710 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Limited Arbitrary File Read via mfile Field
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary File Read in versions up to and including 1.3.9.6. This is due to the plugin using client-supplied mfile POST values as the source of truth for email attachment...
WordPress plugin WPshop 2 – E-Commerce 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...