Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

glenwpcoder — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting glenwpcoder. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Glenwpcoder develops web applications and security tools, with a core focus on identifying vulnerabilities in content management systems and e-commerce platforms. Historically, their work has frequently exposed remote code execution, cross-site scripting, and privilege escalation flaws, particularly in WordPress plugins and themes. While no major public security incidents are directly attributed to this researcher, their contributions to CVE records demonstrate consistent findings in authentication bypasses and insecure deserialization issues. Their analysis often highlights insufficient input validation and improper access controls, providing valuable insights into common web application weaknesses across multiple platforms.

Top products by glenwpcoder: Drag and Drop Multiple File Upload for Contact Form 7 Drag and Drop Multiple File Upload for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-5710 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Limited Arbitrary File Read via mfile Field — Drag and Drop Multiple File Upload for Contact Form 7CWE-22 7.5 High2026-04-17
CVE-2026-5718 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Arbitrary File Upload via Non-ASCII Filename Blacklist Bypass — Drag and Drop Multiple File Upload for Contact Form 7CWE-434 8.1 High2026-04-17
CVE-2026-3459 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.5 - Unauthenticated Arbitrary File Upload — Drag and Drop Multiple File Upload for Contact Form 7CWE-434 8.1 High2026-03-05
CVE-2025-14457 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.2 - Missing Authorization to Unauthenticated File Deletion — Drag and Drop Multiple File Upload for Contact Form 7CWE-862 3.7 Low2026-01-15
CVE-2025-14842 Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.2 - Unauthenticated Limited Arbitrary File Upload — Drag and Drop Multiple File Upload for Contact Form 7CWE-434 6.1 Medium2026-01-07
CVE-2025-8464 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.0 - Directory Traversal via `wpcf7_guest_user_id` Cookie — Drag and Drop Multiple File Upload for Contact Form 7CWE-23 5.3 Medium2025-08-16
CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks — Drag and Drop Multiple File Upload for Contact Form 7CWE-434 8.1 High2025-06-17
CVE-2025-4403 Drag and Drop Multiple File Upload for WooCommerce <= 1.1.6 - Unauthenticated Arbitrary File Upload via upload Function — Drag and Drop Multiple File Upload for WooCommerceCWE-434 9.8 Critical2025-05-09
CVE-2025-2941 Drag and Drop Multiple File Upload for WooCommerce <= 1.1.4 - Unauthenticated Arbitrary File Move — Drag and Drop Multiple File Upload for WooCommerceCWE-22 9.8 Critical2025-04-05
CVE-2025-2485 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.7 - Unauthenticated PHP Object Injection via PHAR to Arbitrary File Deletion — Drag and Drop Multiple File Upload for Contact Form 7CWE-502 7.5 High2025-03-28
CVE-2025-2328 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.7 - Unauthenticated Arbitrary File Deletion — Drag and Drop Multiple File Upload for Contact Form 7CWE-22 8.8 High2025-03-28
CVE-2024-12267 Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.8.5 - Limited Arbitrary File Deletion — Drag and Drop Multiple File Upload for Contact Form 7CWE-73 5.3 Medium2025-01-31
CVE-2024-3717 Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.7.7 - Sensitive Information Exposure — Drag and Drop Multiple File Upload for Contact Form 7CWE-922 5.3 Medium2024-05-02
CVE-2023-5822 Drag and Drop Multiple File Upload - Contact Form 7 <= 1.3.7.3 - Unauthenticated Arbitrary File Upload — Drag and Drop Multiple File Upload for Contact Form 7CWE-434 8.1 High2023-11-22

This page lists every published CVE security advisory associated with glenwpcoder. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.