[WordPress Zendrop - Global Dropshipping Plugin](versions 1.0.0 and older) Vulnerable to Arbitrary File Upload
Importance (CVSS3.0)
★★★★★★★★★☆ 9.8 / 10 - Critical
Details
A vulnerability of Arbitrary File Upload was discovered in WordPress Zendrop - Global Dropshipping Plugin.
This vulnerability allows malicious attackers to upload any kinds of files on the target website.
This vulnerability hasn’t been fixed yet.
Solutions
Disable and delete. There’s no patched version available.
Source
We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.
[WordPress Zendrop - Global Dropshipping Plugin](versions 1.0.0 and older) Vulnerable to Arbitrary File Upload, by WS Security is licensed under CC BY 4.0.