Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-05-13

CVE-2022-3282 - Drag And Drop Multiple File Upload Plugin

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check for the upload size limit set in forms, taking the value from user input sent when submitting the form. As a result, attackers could control the file length limit and bypass the limit set by admins in the contact form.

PLUGIN Drag And Drop Multiple File Upload

CVE-2022-3282

MEDIUM CVSS 4.3 2022-10-17

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-0595 - Drag And Drop Multiple File Upload Plugin

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue

PLUGIN Drag And Drop Multiple File Upload

CVE-2022-0595

MEDIUM CVSS 5.4 2022-03-28

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2022-3282 - Drag And Drop Multiple File Upload Plugin

CVE-2022-0595 - Drag And Drop Multiple File Upload Plugin

Company Links

Contact Us