GHSA-6wvr-3ch8-8c9pHighCVSS 7.1
Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7...
🔗 CVE IDs covered (1)
📋 Description
Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.7 versions.
🔗 References (3)
- https://nvd.nist.gov/vuln/detail/CVE-2026-49055
- https://patchstack.com/database/wordpress/plugin/drag-and-drop-multiple-file-upload-contact-form-7/vulnerability/wordpress-drag-and-drop-multiple-file-upload-contact-form-7-plugin-1-3-9-7-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://github.com/advisories/GHSA-6wvr-3ch8-8c9p