CVE Catalog

CVE-2026-45444

Critical
Published: Translated: NVD NIST

Summary

The vulnerability in WP Swings Gift Cards For WooCommerce Pro allows unrestricted upload of files with dangerous types, enabling the use of malicious files.

Risk Assessment

Organizations may be exposed to attacks that leverage malicious files to gain control over the system or steal data.

Recommendation

It is recommended to restrict file upload capabilities to safe types and implement additional verification mechanisms for uploaded files.

Original NVD description (English source)

Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS