VYPR

Easy Upload Files During Checkout

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-12682CriNov 4, 2025
    risk 0.57cvss 9.8epss 0.01

    The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in the 'file_during_checkout' function in all versions up to, and including, 2.9.8. This makes it possible for unauthenticated…

  • CVE-2025-62078MedDec 31, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Fahad Mahmood Easy Upload Files During Checkout easy-upload-files-during-checkout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Upload Files During Checkout: from n/a through <= 3.0.0.