CVE-2026-14487 - Simple Coherent Form <= 2.4.13 - Unauthenticated Arbitrary File Deletion via 'id' Parameter
CVE ID :CVE-2026-14487 Published : July 8, 2026, 5:16 a.m. | 1 hour, 58 minutes ago Description :The Simple Coherent Form plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the removeUploadDir function in all versions up to, and...