Lucene search
China National Vulnerability DatabaseCNVD-2022-70761HistoryMar 30, 2022 - 12:00 a.m.
WordPress Drag and Drop Multiple File Upload plugin cross-site scripting vulnerability
2022-03-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
wordpress
drag and drop
multiple file upload
cross-site scripting
vulnerability
php
mysql
EPSS
0.001
Percentile
41.9%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language . The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Drag and Drop Multiple File Upload plugin version 1.3.6.3 prior to the cross-site scripting vulnerability, the The vulnerability stems from the default allowing SVG files to be uploaded via the dnd_codedropz_upload AJAX operation, which can be exploited by attackers to cause storage cross-site scripting issues.
Related
nvd
nvd
CVE-2022-0595
2022-03-28 18:15:09
prion
prion
Cross site scripting
2022-03-28 18:15:00
patchstack
patchstack
cvelist
cvelist
hackerone
hackerone
Nord Security: Stored XSS at nordvpn.com
2023-01-19 23:35:23
cve
cve
CVE-2022-0595
2022-03-28 18:15:09
wpexploit
wpexploit
wpvulndb
wpvulndb
nuclei
nuclei
WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting
2022-04-24 09:53:15