Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/07/02 4:51 p.m.7 views

WordPress Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin <= 1.7.1,5.0-5.0.5 - Unauthenticated Arbitrary File Upload vulnerability

WordPress Drag and Drop Multiple File Upload Pro - WooCommerce plugin = 1.7.1,5.0-5.0.5 - Unauthenticated Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin Drag and Drop Multiple File Upload Pro - WooCommerce versions = 1.7.1,5.0-5.0.5...

9.8CVSS6.8AI score0.00613EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2025/07/02 9:43 a.m.10 views

CVE-2025-5746

creationtimestamp| type| source ---|---|--- 2025-07-02 09:43:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxwgiyagv2r...

9.8CVSS7.3AI score0.00613EPSS
Exploits0References1
NVD
NVD
added 2025/07/02 4:15 a.m.9 views

CVE-2025-5746

The Drag and Drop Multiple File Upload Pro - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnduploadcf7uploadchunks function in version 5.0 - 5.0.5 when bundled with the PrintSpace theme and all versions up to, and including,...

9.8CVSS0.00613EPSS
Exploits0References2
CVE
CVE
added 2025/07/02 3:47 a.m.38 views

CVE-2025-5746

The CVE-2025-5746 entry describes an unauthenticated arbitrary file upload flaw in the Drag and Drop Multiple File Upload (Pro) – WooCommerce, affecting both the Pro plugin (versions 5.0–5.0.5 bundled with PrintSpace) and the standalone version up to 1.7.1. The root cause is missing file-type val...

9.8CVSS6.6AI score0.00613EPSS
Exploits0References2
Rows per page
Query Builder