Vulners
Lucene search
CVE-2022-3282
๐๏ธย 17 Oct 2022ย 00:00:00Reported byย WPScanTypeย 
ย cve๐ย web.nvd.nist.gov๐ฐ๏ธย 2ย Media mentions๐ย 71ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | CVE-2022-3282 | 17 Oct 202216:13 | โ | circl |
 | WordPress Plugin Drag and Drop Multiple File Upload ๅฎๅ จๆผๆด | 17 Oct 202200:00 | โ | cnnvd |
 | WordPress Drag and Drop Multiple File Upload Security Bypass Vulnerability | 19 Oct 202200:00 | โ | cnvd |
 | CVE-2022-3282 Drag and Drop Multiple File Upload < 1.3.6.5 - File Upload Size Limit Bypass | 17 Oct 202200:00 | โ | cvelist |
 | EUVD-2022-42678 | 3 Oct 202520:07 | โ | euvd |
 | CVE-2022-3282 | 17 Oct 202212:15 | โ | nvd |
 | CVE-2022-3282 | 17 Oct 202212:15 | โ | osv |
 | WordPress Drag and Drop Multiple File Upload plugin <= 1.3.6.4 - File Upload Size Limit Bypass vulnerability | 26 Sep 202200:00 | โ | patchstack |
 | Design/Logic Flaw | 17 Oct 202212:15 | โ | prion |
 | PT-2022-21496 ยท WordPress ยท Drag/Drop Multiple File Upload | 17 Oct 202200:00 | โ | ptsecurity |
10
Node
[
{
"vendor": "Unknown",
"product": "Drag and Drop Multiple File Upload โ Contact Form 7",
"versions": [
{
"version": "1.3.6.5",
"status": "affected",
"lessThan": "1.3.6.5",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| size_limit | request body | wordpress/wp-admin/admin-ajax.php | Vulnerability in Drag and Drop Multiple File Upload WordPress plugin allows bypassing admin-imposed upload size limits by taking the limit value from user input and using it in the upload process. | CWE-639 |
| action | request body | wordpress/wp-admin/admin-ajax.php | Vulnerability in Drag and Drop Multiple File Upload WordPress plugin allows bypassing admin-imposed upload size limits by taking the limit value from user input and using it in the upload process. | CWE-639 |
| type | request body | wordpress/wp-admin/admin-ajax.php | Vulnerability in Drag and Drop Multiple File Upload WordPress plugin allows bypassing admin-imposed upload size limits by taking the limit value from user input and using it in the upload process. | CWE-639 |
| form_id | request body | wordpress/wp-admin/admin-ajax.php | Vulnerability in Drag and Drop Multiple File Upload WordPress plugin allows bypassing admin-imposed upload size limits by taking the limit value from user input and using it in the upload process. | CWE-639 |
| upload_name | request body | wordpress/wp-admin/admin-ajax.php | Vulnerability in Drag and Drop Multiple File Upload WordPress plugin allows bypassing admin-imposed upload size limits by taking the limit value from user input and using it in the upload process. | CWE-639 |
| upload-file | request body | wordpress/wp-admin/admin-ajax.php | Vulnerability in Drag and Drop Multiple File Upload WordPress plugin allows bypassing admin-imposed upload size limits by taking the limit value from user input and using it in the upload process. | CWE-639 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 04:59Current
4.7Medium risk
Vulners AI Score4.7
CVSS 3.14.3
EPSS0.00543
SSVC