← back
CVE-2022-45377

WordPress Drag and Drop Multiple File Upload for WooCommerce Plugin <= 1.0.8 is vulnerable to Multiple Vulnerabilities

CVSS 6.5 MEDIUMEPSS 0.6%CWE-434
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Dec 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected products
Glen Don L. Mongaya · Drag and Drop Multiple File Upload for WooCommerce

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/vulnerability/drag-and-drop-multiple-file-upload-for-woocommerce/wordpress-drag-and-drop-multiple-file-upload-for-woocommerce-plugin-1-0-8-multiple-vulnerabilities?_s_id=cve