Drag%20and%20Drop%20File%20Upload%20for%20Elementor%20Forms

Drag and Drop File Upload for Elementor Forms

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-49387

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-10||CRITICAL

EPSS-0.19% / 41.06%

7 Day CHG+0.05%

Published-28 Aug, 2025 | 12:37

Updated-28 Apr, 2026 | 16:13

WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Upload a Web Shell to a Web Server.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through <= 1.5.3.

Vendor-add-ons.org

Product-Drag and Drop File Upload for Elementor Forms

CWE ID-CWE-434

Unrestricted Upload of File with Dangerous Type

CVE-2025-47492

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-8.6||HIGH

EPSS-1.29% / 79.89%

7 Day CHG~0.00%

Published-23 May, 2025 | 12:43

Updated-28 Apr, 2026 | 16:12

WordPress Drag and Drop File Upload for Elementor Forms plugin <= 1.4.3 - Arbitrary File Deletion Vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Path Traversal.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through <= 1.4.3.

Vendor-add-ons.org

Product-Drag and Drop File Upload for Elementor Forms

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')