2 matches found
CVE-2023-1112 Drag and Drop Multiple File Upload Contact Form 7 admin-ajax.php path traversal
A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument uploadname leads to relative path traversal. It is possible to laun...
CVE-2023-1112
CVE-2023-1112 affects the WordPress plugin Drag and Drop Multiple File Upload for Contact Form 7 (version 5.0.6.1). The vulnerability is in an unknown function within admin-ajax.php where manipulating the parameter upload_name enables relative path traversal. Public exploitation is reported, with...