CVE-2022-45377

MEDIUM

Codedropz Drag And Drop Multiple File... - Unrestricted File Upload

Title source: rule

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/drag-and-drop-multiple-file-upload-for-woocommerce/wordpress-drag-and-drop-multiple-file-upload-for-woocommerce-plugin-1-0-8-multiple-vulnerabilities?_s_id=cve

Scores

CVSS v3 6.5

EPSS 0.0021

EPSS Percentile 43.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Details

CWE

CWE-434

Status published

Products (2)

codedropz/drag_and_drop_multiple_file_upload_for_woocommerce < 1.0.9

Glen Don L. Mongaya/Drag and Drop Multiple File Upload for WooCommerce < 1.0.8

Published Dec 21, 2023

Tracked Since Feb 18, 2026