CVE-2026-14487: The Simple Coherent Form plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path val | AI Sec Watch