CVE-2022-45377 – WordPress Drag and Drop Multiple File Upload for WooCommerce Plugin <= 1.0.8 is vulnerable to Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2022-45377

24 Feb 2023 — Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8. Vulnerabilidad de carga de archivos con tipo peligroso sin restricciones en Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce. Este problema afecta a Drag and Drop Multiple File Upload for WooCommerce: desde n/a hasta 1.0.8. • https://patchstack.com/database/vulnerability/drag-and-drop-multiple-file-upload-for-woocommerce/wordpress-drag-and-drop-multiple-file-upload-for-woocommerce-plugin-1-0-8-multiple-vulnerabilities?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-434: Unrestricted Upload of File with Dangerous Type •