dnd_codedropz_upload_wc and dnd_codedropz_upload_delete_wc AJAX actions, which makes it possible for unauthenticated attackers to upload files to the server without it being assigned to an existing form and delete files from the server.
REPORT ID: 6f3b6e80-86d7-4532-a9fe-dfeacc0d00b3
dnd_codedropz_upload_wc and dnd_codedropz_upload_delete_wc AJAX actions, which makes it possible for unauthenticated attackers to upload files to the server without it being assigned to an existing form and delete files from the server.
You need to log in to view the vulnerability details.