Metrics
Affected Vendors & Products
Solution
Update the WordPress Drag and Drop File Upload for Elementor Forms plugin to the latest available version (at least 1.5.4).
Workaround
No workaround given by the vendor.
Thu, 28 Aug 2025 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Elementor
Elementor elementor Wordpress Wordpress wordpress |
|
Vendors & Products |
Elementor
Elementor elementor Wordpress Wordpress wordpress |
Thu, 28 Aug 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 28 Aug 2025 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through 1.5.3. | |
Title | WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability | |
Weaknesses | CWE-434 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2025-08-28T15:38:44.366Z
Reserved: 2025-06-04T15:43:46.346Z
Link: CVE-2025-49387

Updated: 2025-08-28T15:38:40.701Z

Status : Awaiting Analysis
Published: 2025-08-28T13:15:59.230
Modified: 2025-08-29T16:24:29.730
Link: CVE-2025-49387

No data.

Updated: 2025-08-28T21:29:53Z