2 matches found
CVE-2023-5822
CVE-2023-5822 affects the WordPress plugin Drag and Drop Multiple File Upload – Contact Form 7. Vulnerability: arbitrary file upload due to insufficient file type validation in dnd_upload_cf7_upload, enabling unauthenticated attackers to upload arbitrary files if a multiple-file upload form field...
WordPress Drag and Drop Multiple File Upload – Contact Form 7 Plugin <= 1.3.7.3 is vulnerable to Arbitrary File Upload
Software Drag and Drop Multiple File Upload – Contact Form 7 Type Plugin Vulnerable versions = 1.3.7.3 Fixed in 1.3.7.4 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-5822 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID f6819936ca80 Credits...