WordPress plugin Drag and Drop Multiple File Upload for WooCommerce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

CVE-2025-30456

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges...

CVE-2025-24277

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges...

CVE-2025-2007

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteImage function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress plugin Import Export Suite for CSV and XML Datafeed 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2025-30456

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges...

CVE-2025-30456

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges...

CVE-2025-24277

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges...

CVE-2025-30456

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges...

CVE-2025-30456

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges...

CVE-2025-30456

CVE-2025-30456 involves a parsing issue in how directory paths are handled. Apple fixed it with improved path validation in macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4, and iOS/iPadOS 18.4. The issue could allow an app to gain root privileges. Affected component/firmware version...

CVE-2025-24277

CVE-2025-24277 describes a parsing issue in handling of directory paths that is mitigated by improved path validation in macOS updates. The vulnerability is addressed in macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The issue could allow an app to gain root privileges due to ...

CVE-2025-24277

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges...

PT-2025-55362

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.4 Description A parsing issue in the handling of directory paths could allow an application to access sensitive user data. This was addressed by implementing improved path validation. Recommendations Update t...

PT-2025-13985 · Apple · Macos Sonoma +5

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description: A parsing issue in the handling of directory paths was...

CVE-2025-2328

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'dndremoveuploadedfiles' function in all versions up to, and including, 1.3.8.7. This makes it possible for unauthenticated...

CVE-2025-2328

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'dndremoveuploadedfiles' function in all versions up to, and including, 1.3.8.7. This makes it possible for unauthenticated...

CVE-2025-2328

Technical details for CVE-2025-2328 are not provided in the connected documents. Monitor for official updates on affected products, root cause, impact, and remediation.

CVE-2025-2328 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.7 - Unauthenticated Arbitrary File Deletion

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'dndremoveuploadedfiles' function in all versions up to, and including, 1.3.8.7. This makes it possible for unauthenticated...

PT-2025-13443 · WordPress · Drag/Drop Multiple File Upload – Contact Form 7 +2

Name of the Vulnerable Software and Affected Versions: Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress versions up to, and including, 1.3.8.7 Description: The issue is related to insufficient file path validation in the dnd remove uploaded files function, allowing...