What this page helps you verify fast
This hub clusters every indexed record for Checkout Files Upload for WooCommerce so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.
Review known vulnerability records for the WordPress plugin Checkout Files Upload for WooCommerce (`checkout-files-upload-woocommerce`), including severity, CVE references, affected versions, and patch status.
Recent tracked CVEs on this page include CVE-2026-42725, CVE-2025-4212 and CVE-2025-39520, so operators can jump from disclosure to patch validation without scanning the full feed first.
This hub clusters every indexed record for Checkout Files Upload for WooCommerce so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.
These recent records surface the CVE strings, patch cues, and direct report links most operators need first.
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a us...
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.2.1 due to insufficient i...
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.2.0 due to insufficient input sanitization and...
Sorted by latest disclosure date so newly published issues surface first.
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to perform an unau...
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...
Cross-Site Scripting (XSS) vulnerability in WP Wham's Checkout Files Upload for WooCommerce plugin