Vulnerabilities and security researches forwoo-file-dropzone woo-file-dropzone

Feb 27, 2026

CVE, Research URL: CVE-2025-68862
Home page URL: Security reports for Woo File Dropzone
Application: Woo File Dropzone
Date: Feb 20, 2026
Research Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File Dropzone: from n/a through <= 1.1.7.
Affected versions: max 1.1.7.
Status: vulnerable