CVE-2023-4821
The CVE-2023-4821 entry describes an unauthenticated stored Cross-Site Scripting vulnerability in the WordPress plugin Drag and Drop Multiple File Upload for WooCommerce (before 1.1.1). The flaw arises because the plugin does not filter all potentially dangerous file extensions (e.g., .shtml, .sv...