CVE-2025-14457 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin dnd_codedropz_upload_delete authorization

A vulnerability classified as critical has been found in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to 1.3.9.2 on WordPress. The affected element is the function dnd_codedropz_upload_delete. Performing a manipulation results in missing authorization.

This vulnerability was named CVE-2025-14457. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More