exploitDog

GHSA-gv3g-5wrh-3x24

Опубликовано: 27 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 10

Описание

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple File Upload (Pro) - WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop Multiple File Upload (Pro) - WooCommerce: from n/a through 5.0.6.

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple File Upload (Pro) - WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop Multiple File Upload (Pro) - WooCommerce: from n/a through 5.0.6.

Ссылки

EPSS

Процентиль: 34%

0.00135

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2025-49885

CVSS3: 10

nvd

8 месяцев назад

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple File Upload (Pro) - WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop Multiple File Upload (Pro) - WooCommerce: from n/a through 5.0.6.

EPSS

Процентиль: 34%

0.00135

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-434