The Drag and Drop Multiple File Upload WordPress plugin prior to 1.3.6.3 allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
codedropz drag and drop multiple file upload - contact form 7 |