Drag And Drop Multiple File Upload - Contact Form 7 Security Vulnerabilities and Issues — Drag And Drop Multiple File Upload - Contact Form 7 CVE List

Lucene search

CodedropzDrag And Drop Multiple File Upload - Contact Form 7

4 matches found

CVE•added 2023/03/01 10:15 a.m.•114 views

CVE-2023-1112

A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument upload_name leads to relative path traversal. It is possible to launc...

9.8CVSS7AI score0.21654EPSS

CVE•added 2023/11/22 4:15 p.m.•108 views

CVE-2023-5822

The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to upload...

9.8CVSS9.8AI score0.04403EPSS

CVE•added 2023/04/17 1:15 p.m.•51 views

CVE-2023-1282

The Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard WordPress plugin before 2.11.1 and Drag and Drop Multiple File Upload PRO - Contact Form 7 with Remote Storage Integrations WordPress plugin before 5.0.6.4 do not sanitise and escape a parameter before outputting it back in the pa...

6.1CVSS6.1AI score0.00519EPSS

CVE•added 2023/05/24 4:15 p.m.•43 views

CVE-2022-45364

Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin

8.8CVSS7.2AI score0.00043EPSS