Description

Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple File Upload (Pro) - WooCommerce drag-and-drop-file-upload-wc-pro allows Upload a Web Shell to a Web Server.This issue affects Drag and Drop Multiple File Upload (Pro) - WooCommerce: from n/a through <= 5.0.6.

INFO

Published Date :

2025-06-27T11:52:30.847Z

Last Modified :

2026-04-28T16:13:07.016Z

Source :

Patchstack
AFFECTED PRODUCTS

The following products are affected by CVE-2025-49885 vulnerability.

Vendors Products
Woocommerce
  • Woocommerce
Wordpress
  • Wordpress

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact