Lucene search
WPScanCVELIST:CVE-2022-3282HistoryOct 17, 2022 - 12:00 a.m.
CVE-2022-3282 Drag and Drop Multiple File Upload < 1.3.6.5 - File Upload Size Limit Bypass
2022-10-1700:00:00
CWE-639
WPScan
www.cve.org
1
cve-2022-3282
file upload
wordpress plugin
size limit bypass
admins
contact form
The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check for the upload size limit set in forms, taking the value from user input sent when submitting the form. As a result, attackers could control the file length limit and bypass the limit set by admins in the contact form.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Drag and Drop Multiple File Upload – Contact Form 7",
"versions": [
{
"version": "1.3.6.5",
"status": "affected",
"lessThan": "1.3.6.5",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-10-17 12:15:00
patchstack
patchstack
nvd
nvd
CVE-2022-3282
2022-10-17 12:15:10
wpvulndb
wpvulndb
Drag and Drop Multiple File Upload < 1.3.6.5 - File Upload Size Limit Bypass
2022-09-26 00:00:00
wpexploit
wpexploit
Drag and Drop Multiple File Upload < 1.3.6.5 - File Upload Size Limit Bypass
2022-09-26 00:00:00
cve
cve
CVE-2022-3282
2022-10-17 12:15:10