CVE-2025-8464 (GCVE-0-2025-8464)
Vulnerability from cvelistv5
Published
2025-08-16 07:25
Modified
2025-08-18 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-23 - Relative Path Traversal
Summary
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7_guest_user_id cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the originally intended directory. The impact of this vulnerability is limited, as file types are validated and only safe ones can be uploaded, while deletion is limited to the plugin's uploads folder.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| glenwpcoder | Drag and Drop Multiple File Upload for Contact Form 7 |
Version: * ≤ 1.3.9.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-18T17:50:55.939422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-18T17:51:17.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Drag and Drop Multiple File Upload for Contact Form 7",
"vendor": "glenwpcoder",
"versions": [
{
"lessThanOrEqual": "1.3.9.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thien Tran"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7_guest_user_id cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the originally intended directory. The impact of this vulnerability is limited, as file types are validated and only safe ones can be uploaded, while deletion is limited to the plugin\u0027s uploads folder."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-16T07:25:28.619Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17f7be7f-f675-4c9f-a7b3-525a3c3c5775?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L1018"
},
{
"url": "https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L1050"
},
{
"url": "https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L77"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3344512%40drag-and-drop-multiple-file-upload-contact-form-7\u0026new=3344512%40drag-and-drop-multiple-file-upload-contact-form-7\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-09T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-08-01T16:02:49.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-08-15T19:13:08.000+00:00",
"value": "Disclosed"
}
],
"title": "Drag and Drop Multiple File Upload for Contact Form 7 \u003c= 1.3.9.0 - Directory Traversal via `wpcf7_guest_user_id` Cookie"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8464",
"datePublished": "2025-08-16T07:25:28.619Z",
"dateReserved": "2025-08-01T15:47:19.302Z",
"dateUpdated": "2025-08-18T17:51:17.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-8464\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2025-08-16T08:15:27.493\",\"lastModified\":\"2025-08-18T20:16:28.750\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7_guest_user_id cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the originally intended directory. The impact of this vulnerability is limited, as file types are validated and only safe ones can be uploaded, while deletion is limited to the plugin\u0027s uploads folder.\"},{\"lang\":\"es\",\"value\":\"El complemento Drag and Drop Multiple File Upload for Contact Form 7 para WordPress es vulnerable a Directory traversal en todas las versiones hasta la 1.3.9.0 incluida, a trav\u00e9s de la cookie wpcf7_guest_user_id. Esto permite que atacantes no autenticados suban y eliminen archivos fuera del directorio original. El impacto de esta vulnerabilidad es limitado, ya que los tipos de archivo se validan y solo se pueden subir los seguros, mientras que la eliminaci\u00f3n se limita a la carpeta de subidas del plugin.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-23\"}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L1018\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L1050\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L77\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3344512%40drag-and-drop-multiple-file-upload-contact-form-7\u0026new=3344512%40drag-and-drop-multiple-file-upload-contact-form-7\u0026sfp_email=\u0026sfph_mail=\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/17f7be7f-f675-4c9f-a7b3-525a3c3c5775?source=cve\",\"source\":\"security@wordfence.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-8464\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-18T17:50:55.939422Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-18T17:51:06.287Z\"}}], \"cna\": {\"title\": \"Drag and Drop Multiple File Upload for Contact Form 7 \u003c= 1.3.9.0 - Directory Traversal via `wpcf7_guest_user_id` Cookie\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Thien Tran\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\"}}], \"affected\": [{\"vendor\": \"glenwpcoder\", \"product\": \"Drag and Drop Multiple File Upload for Contact Form 7\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.9.0\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-07-09T00:00:00.000+00:00\", \"value\": \"Discovered\"}, {\"lang\": \"en\", \"time\": \"2025-08-01T16:02:49.000+00:00\", \"value\": \"Vendor Notified\"}, {\"lang\": \"en\", \"time\": \"2025-08-15T19:13:08.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/17f7be7f-f675-4c9f-a7b3-525a3c3c5775?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L1018\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L1050\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/drag-and-drop-multiple-file-upload-contact-form-7/tags/1.3.9.0/inc/dnd-upload-cf7.php#L77\"}, {\"url\": \"https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3344512%40drag-and-drop-multiple-file-upload-contact-form-7\u0026new=3344512%40drag-and-drop-multiple-file-upload-contact-form-7\u0026sfp_email=\u0026sfph_mail=\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7_guest_user_id cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the originally intended directory. The impact of this vulnerability is limited, as file types are validated and only safe ones can be uploaded, while deletion is limited to the plugin\u0027s uploads folder.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-23\", \"description\": \"CWE-23 Relative Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2025-08-16T07:25:28.619Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-8464\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-18T17:51:17.240Z\", \"dateReserved\": \"2025-08-01T15:47:19.302Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2025-08-16T07:25:28.619Z\", \"assignerShortName\": \"Wordfence\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…