Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Brandon James Roldan in WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin (versions <= 1.3.6.2).
Update the WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin to the latest available version (at least 1.3.6.3).