3 matches found
CVE-2025-12682
The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in the 'fileduringcheckout' function in all versions up to, and including, 2.9.8. This makes it possible for unauthenticated attackers to upload...
CVE-2025-12682
CVE-2025-12682 concerns the WordPress plugin Easy Upload Files During Checkout. The vulnerability is an unauthenticated arbitrary JavaScript file upload caused by missing file type validation in the file_during_checkout function, affecting all versions up to and including 2.9.8. The issue can ena...
CVE-2025-12682 Easy Upload Files During Checkout <= 2.9.8 - Unauthenticated Arbitrary JavaScript File Upload
The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in the 'fileduringcheckout' function in all versions up to, and including, 2.9.8. This makes it possible for unauthenticated attackers to upload...