CVE-2022-45377

MEDIUM

Drag and Drop Multiple File Upload for WooCommerce <= 1.0.8 - Unrestricted Upload of File with Dangerous Type

Title source: llm

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/drag-and-drop-multiple-file-upload-for-woocommerce/wordpress-drag-and-drop-multiple-file-upload-for-woocommerce-plugin-1-0-8-multiple-vulnerabilities?_s_id=cve

Scores

CVSS v3 6.5

EPSS 0.0060

EPSS Percentile 44.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Details

CWE

CWE-434

Status published

Products (2)

codedropz/drag_and_drop_multiple_file_upload_for_woocommerce < 1.0.9

Glen Don L. Mongaya/Drag and Drop Multiple File Upload for WooCommerce < 1.0.8

Published Dec 21, 2023

Tracked Since Feb 18, 2026