Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.7
Woo File Dropzone Allows Attackers to Access Sensitive Files
CVE-2025-68862
Summary
A security flaw in Woo File Dropzone allows attackers to access sensitive files on the server. This means that unauthorized users could potentially view or modify important data. To fix this, update Woo File Dropzone to version 1.1.8 or later.
Original title
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File...
Original description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Murtaza Bhurgri Woo File Dropzone woo-file-dropzone allows Path Traversal.This issue affects Woo File Dropzone: from n/a through <= 1.1.7.
nvd CVSS3.1
7.7
Vulnerability type
CWE-22
Path Traversal
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026