Vanquish Woocommerce_upload_files

2 CVEs affecting Vanquish Woocommerce_upload_files. Latest disclosed: 2024-11-13. Critical: 2, High: 0.

Top CVEs affecting Vanquish Woocommerce_upload_files
CVESeverityScorePublishedSummary
CVE-2024-10820Critical9.82024-11-13The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in…
CVE-2021-24171Critical9.82021-04-05The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to remove blocked extensions such as .php. It was possible to bypass t…