Vulnerabilities > Codedropz > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2022-45377 | Unspecified vulnerability in Codedropz Drag and Drop multiple File Upload for Woocommerce Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. | 9.8 |
| 2023-11-22 | CVE-2023-5822 | Unrestricted Upload of File with Dangerous Type vulnerability in Codedropz Drag and Drop multiple File Upload - Contact Form 7 The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. | 9.8 |
| 2023-03-01 | CVE-2023-1112 | Path Traversal vulnerability in Codedropz Drag and Drop multiple File Upload - Contact Form 7 5.0.6.1 A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. | 9.8 |
| 2020-06-08 | CVE-2020-12800 | Unrestricted Upload of File with Dangerous Type vulnerability in Codedropz Drag and Drop multiple File Upload - Contact Form 7 The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file. | 9.8 |