Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
CVE-2026-45444: WP Swings Gift Cards For WooCommerce Pro allows uploading malicious files
CVE-2026-45444
Summary
An attacker can upload malicious files to a WooCommerce store using the WP Swings Gift Cards For WooCommerce Pro plugin. This could allow them to compromise the store's security or disrupt its operation. Update the plugin to the latest version to fix this issue.
Original title
Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files.
This issue affects Gift Cards For WooCommerce Pro: from n/a ...
Original description
Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files.
This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6.
This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6.
nvd CVSS3.1
10.0
Vulnerability type
CWE-434
Unrestricted File Upload
Published: 20 May 2026 · Updated: 28 May 2026 · First seen: 20 May 2026