6 matches found
CVE-2023-1282
The Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard WordPress plugin before 2.11.1 and Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations WordPress plugin before 5.0.6.4 do not sanitise and escape a parameter before outputting it back in the...
CVE-2023-1282
creationtimestamp| type| source ---|---|--- 2023-04-17 16:41:52+00:00| seen| https://t.me/cibsecurity/62279...
CVE-2023-1282
The Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard WordPress plugin before 2.11.1 and Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations WordPress plugin before 5.0.6.4 do not sanitise and escape a parameter before outputting it back in the...
CVE-2023-1282 Drag and Drop Multiple File Upload PRO - Reflected Cross-Site Scripting
The Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard WordPress plugin before 2.11.1 and Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations WordPress plugin before 5.0.6.4 do not sanitise and escape a parameter before outputting it back in the...
CVE-2023-1282
The CVE-2023-1282 entry affects the WordPress plugins “Drag and Drop Multiple File Upload PRO – Contact Form 7 Standard” (before 2.11.1) and “Drag and Drop Multiple File Upload PRO – Contact Form 7 with Remote Storage Integrations” (before 5.0.6.4). Root cause: both plugins do not sanitize/escape...
WordPress Drag and Drop Multiple File Upload PRO Plugin < 5.0.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Drag and Drop Multiple File Upload PRO Type Plugin Vulnerable versions 5.0.6.4 Fixed in 5.0.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1282 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 21c6dea8a7cd Credi...