CVE-2022-45377 MEDIUM

CVE-2022-45377: WordPress Drag and Drop Multiple File Upload for WooCommerce Plugin <= 1.0.8 is vulnerable to Multiple Vulnerabilities

Vendor Glen Don L. Mongaya
Product Drag and Drop Multiple File Upload for WooCommerce
Weakness CWE-434 · Unrestricted file upload
Published December 21, 2023
Last update April 28, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8.

Key dates

02Disclosure timeline

December 21, 2023 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE