Vulnerabilities (CVE)

Filtered by vendor Codedropz Subscribe
Filtered by product Drag And Drop Multiple File Uploader
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4821 1 Codedropz 1 Drag And Drop Multiple File Uploader 2024-02-28 N/A 5.4 MEDIUM
The Drag and Drop Multiple File Upload for WooCommerce WordPress plugin before 1.1.1 does not filter all potentially dangerous file extensions. Therefore, an attacker can upload unsafe .shtml or .svg files containing malicious scripts.