CVE-2022-45364

Name of the Vulnerable Software and Affected Versions Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin versions <= 1.3.6.5

Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin versions <= 1.3.6.5, update to a version higher than 1.3.6.5 to resolve the issue. As a temporary workaround, consider implementing additional CSRF protection measures, such as token-based validation, to minimize the risk of exploitation.