CVE-2026-5718 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin wpcf7_antiscript_file_name unrestricted upload

A vulnerability identified as critical has been detected in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to 1.3.9.6 on WordPress. This issue affects the function wpcf7_antiscript_file_name. This manipulation causes unrestricted upload.

This vulnerability is tracked as CVE-2026-5718. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More