← Back to CVE List

CVE-2022-0595

Published: 2022-03-28T18:15Z
Last Modified: 2024-11-21T06:38Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue > MITRE Terms of Use apply – see LICENSE‑MITRE.txt