WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution

WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote code execution by setting supportedtype to php% and uploading a .php% file. id: CVE-2020-12800 info: name: WordPress Contact Form 7 1.3.3.3 - Remote Code Execution author: dwisiswant0 severity: critical description...

CVE-2022-0595

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dndcodedropzupload AJAX action, which could lead to Stored Cross-Site Scripting issue...

CVE-2022-0595

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dndcodedropzupload AJAX action, which could lead to Stored Cross-Site Scripting issue...

WordPress plugin Drag and Drop Multiple File Upload 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Drag and Drop Multiple File Upload plugi...

WordPress Drag And Drop File Upload Contact Form 1.3.3.2 Shell Upload

Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/...