[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwFTg4hUsyFUr-Oafz4P5TcOcqVMhymdEKvJTMEoJcOo":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":359,"crawl_stats":38,"alternatives":362,"analysis":474,"fingerprints":726},"wp-file-upload","Iptanus File Upload","5.1.7","nickboss","https:\u002F\u002Fprofiles.wordpress.org\u002Fnickboss\u002F","\u003Cp>With this plugin you or other users can upload files to your site from any page, post or sidebar easily and securely.\u003C\u002Fp>\n\u003Cp>Simply put the shortcode [wordpress_file_upload] to the contents of any WordPress page \u002F post or add the plugin’s widget in any sidebar and you will be able to upload files to any directory inside wp-contents of your WordPress site.\u003C\u002Fp>\n\u003Cp>You can add custom fields to submit additional data together with the uploaded file.\u003C\u002Fp>\n\u003Cp>You can use it to capture screenshots or video from your webcam and upload it to the website (for browsers that support this feature).\u003C\u002Fp>\n\u003Cp>You can even use it as a simple contact (or any other type of) form to submit data without including a file.\u003C\u002Fp>\n\u003Cp>The plugin displays the list of uploaded files in a separate top-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).\u003C\u002Fp>\n\u003Cp>Several filters and actions before and after file upload enable extension of its capabilities.\u003C\u002Fp>\n\u003Cp>The characteristics of the plugin are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It uses the latest HTML5 technology, however it will also work with old browsers and mobile phones.\u003C\u002Fli>\n\u003Cli>It provides a nice upload form using Material UI React components.\u003C\u002Fli>\n\u003Cli>It is compliant with the General Data Protection Regulation (GDPR) of the European Union.\u003C\u002Fli>\n\u003Cli>It can be added in posts, pages or sidebars (as a widget).\u003C\u002Fli>\n\u003Cli>It can capture and upload screenshots or video from the device’s camera.\u003C\u002Fli>\n\u003Cli>It supports additional form fields (like checkboxes, text fields, email fields, dropdown lists etc).\u003C\u002Fli>\n\u003Cli>It can be used as a simple contact form to submit data (a selection of file can be optional).\u003C\u002Fli>\n\u003Cli>It produces notification messages and e-mails.\u003C\u002Fli>\n\u003Cli>It supports selection of destination folder from a list of subfolders.\u003C\u002Fli>\n\u003Cli>Upload progress can be monitored with a progress bar.\u003C\u002Fli>\n\u003Cli>Upload process can be cancelled at any time.\u003C\u002Fli>\n\u003Cli>It supports redirection to another url after successful upload.\u003C\u002Fli>\n\u003Cli>There can be more than one instances of the shortcode in the same page or post.\u003C\u002Fli>\n\u003Cli>Uploaded files can be added to Media or be attached to the current page.\u003C\u002Fli>\n\u003Cli>Uploaded files can be saved to an FTP location (ftp and sftp protocols supported).\u003C\u002Fli>\n\u003Cli>It is highly customizable with many (more than 50) options.\u003C\u002Fli>\n\u003Cli>It supports filters and actions before and after file upload.\u003C\u002Fli>\n\u003Cli>It contains a visual editor for customizing the plugin easily without any knowledge of shortcodes or programming\u003C\u002Fli>\n\u003Cli>It supports logging of upload events or management of files, which can be viewed by admins through the Dashboard.\u003C\u002Fli>\n\u003Cli>It includes an Uploaded Files top-level menu item in the Dashboard, from where admins can view the uploaded files.\u003C\u002Fli>\n\u003Cli>It includes a file browser in the Dashboard, from where admins can manage the files.\u003C\u002Fli>\n\u003Cli>It supports multilingual characters and localization.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin is translated in the following languages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Portuguese, kindly provided by Rui Alao\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>French, kindly provided by Thomas Bastide of http:\u002F\u002Fwww.omicronn.fr\u002F and improved by other contributors\u003C\u002Fli>\n\u003Cli>Serbian, kindly provided by Andrijana Nikolic of http:\u002F\u002Fwebhostinggeeks.com\u002F\u003C\u002Fli>\n\u003Cli>Dutch, kindly provided by Ruben Heynderycx\u003C\u002Fli>\n\u003Cli>Chinese, kindly provided by Yingjun Li\u003C\u002Fli>\n\u003Cli>Spanish, kindly provided by Marton\u003C\u002Fli>\n\u003Cli>Italian, kindly provided by Enrico Marcolini https:\u002F\u002Fwww.marcuz.it\u002F\u003C\u002Fli>\n\u003Cli>Polish\u003C\u002Fli>\n\u003Cli>Swedish, kindly provided by Leif Persson\u003C\u002Fli>\n\u003Cli>Persian, kindly provided by Shahriyar Modami http:\u002F\u002Fchabokgroup.com\u003C\u002Fli>\n\u003Cli>Greek\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please note that the plugin contains minified CSS and Javascript files in order to reduce its size and speed-up performance. The unminified version of these files can be found \u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fwp-file-upload\u002Funminified\u002F\" title=\"Unminified CSS and JS files of the plugin\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003Cbr \u002F>\nThe source code of the compiled React files of the plugin can be found \u003Ca href=\"https:\u002F\u002Fsourceforge.net\u002Fp\u002Fwordpress-file-upload-react\u002Fcode\u002Fci\u002Fmaster\u002Ftree\u002F\" title=\"React source code of the plugin\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Please also note that old desktop browsers or mobile browsers may not support all of the above functionalities. In order to get full functionality use the latest versions browsers, supporting HTML5, AJAX and CSS3.\u003C\u002Fp>\n\u003Cp>For additional features, such as multiple file upload, very large file upload, drag and drop of files, captcha, detailed upload progress bars, list of uploaded files, image gallery and custom css please consider \u003Ca href=\"http:\u002F\u002Fwww.iptanus.com\u002Fsupport\u002Fwordpress-file-upload\u002F\" title=\"Iptanus File Upload support page\" rel=\"nofollow ugc\">Iptanus File Upload Professional\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Please visit the \u003Cstrong>Other Notes\u003C\u002Fstrong> section for customization options of this plugin.\u003C\u002Fp>\n\u003Ch3>Plugin Customization Options\u003C\u002Fh3>\n\u003Cp>Please visit the \u003Ca href=\"https:\u002F\u002Fwww.iptanus.com\u002Fsupport\u002Fwordpress-file-upload\u002F\" title=\"Iptanus File Upload support page\" rel=\"nofollow ugc\">support page\u003C\u002Fa> of the plugin for detailed description of customization options.\u003C\u002Fp>\n\u003Ch3>Requirements\u003C\u002Fh3>\n\u003Cp>The plugin requires to have Javascript enabled in your browser. For Internet Explorer you also need to have Active-X enabled.\u003Cbr \u002F>\nPlease note that old desktop browsers or mobile browsers may not support all of the plugin’s features. In order to get full functionality use the latest versions of browsers, supporting HTML5, AJAX and CSS3.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>The plugin connects to Iptanus servers to retrieve information about the latest version of the plugin.\u003Cbr \u002F>\nIt does not send any user data. It just receives the latest version of the plugin.\u003Cbr \u002F>\nThe service is provided by the owner of the plugin, Iptanus. \u003Ca href=\"https:\u002F\u002Fwww.iptanus.com\u002Fiptanus-file-upload-plugin-server-terms-of-service\u002F\" title=\"Iptanus File Upload Plugin Server terms of service\" rel=\"nofollow ugc\">Terms of Service\u003C\u002Fa>. \u003Ca href=\"https:\u002F\u002Fwww.iptanus.com\u002Fwordpress-file-upload-plugin-server-privacy-policy\u002F\" title=\"Iptanus File Upload Plugin Server privacy policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n","THIS IS FORMER WORDPRESS FILE UPLOAD PLUGIN. Simple yet powerful plugin to allow users to upload files from any page, post or sidebar and manage them.",10000,1432746,88,118,"2025-12-20T14:37:00.000Z","6.9.4","3.0","",[20,21,22,23,24],"ajax","file","form","page","upload","https:\u002F\u002Fwww.iptanus.com\u002Fsupport\u002Fwordpress-file-upload","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-file-upload.5.1.7.zip",87,27,0,"2025-02-24 00:00:00","2026-03-15T15:16:48.613Z",[33,49,65,77,90,101,112,126,140,150,160,170,184,196,209,221,233,240,252,263,276,288,299,310,323,334,346],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2024-13494","wordpress-file-upload-cross-site-request-forgery-in-wfufiledetails","WordPress File Upload \u003C= 4.25.2 - Cross-Site Request Forgery in wfu_file_details","The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2. This is due to missing or incorrect nonce validation on the 'wfu_file_details' function. This makes it possible for unauthenticated attackers to modify user data details associated with uploaded files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=4.25.2","4.25.3","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-02-25 07:30:31",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F595a6ab3-0731-4ef4-a385-5dfebbd917f4?source=api-prod",1,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":61,"references":62,"days_to_patch":64},"CVE-2024-11635","wordpress-file-upload-unuathenticated-remote-code-execution","WordPress File Upload \u003C= 4.24.12 - Unuathenticated Remote Code Execution","The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server.","\u003C=4.24.12","4.24.14","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Generation of Code ('Code Injection')","2025-01-07 18:43:07","2025-03-24 15:03:52",[63],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb5165f60-6515-4a2c-a124-cc88155eaf01?source=api-prod",76,{"id":66,"url_slug":67,"title":68,"description":69,"plugin_slug":4,"theme_slug":38,"affected_versions":70,"patched_in_version":71,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":72,"updated_date":73,"references":74,"days_to_patch":76},"CVE-2024-11613","wordpress-file-upload-unauthenticated-remote-code-execution-arbitrary-file-read-and-arbitrary-file-deletion","WordPress File Upload \u003C= 4.24.15 - Unauthenticated Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion","The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. This is due to lack of proper sanitization of the 'source' parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server.","\u003C=4.24.15","4.25.0","2025-01-07 00:00:00","2025-03-24 15:03:03",[75],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F31052fe6-a0ae-4502-b2d2-dbc3b3bf672f?source=api-prod",77,{"id":78,"url_slug":79,"title":80,"description":81,"plugin_slug":4,"theme_slug":38,"affected_versions":82,"patched_in_version":55,"severity":83,"cvss_score":84,"cvss_vector":85,"vuln_type":86,"published_date":72,"updated_date":87,"references":88,"days_to_patch":76},"CVE-2024-9939","wordpress-file-upload-unauthenticated-path-traversal-to-arbitrary-file-read-in-wfufiledownloaderphp","WordPress File Upload \u003C= 4.24.13 - Unauthenticated Path Traversal to Arbitrary File Read in wfu_file_downloader.php","The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read files outside of the originally intended directory.","\u003C=4.24.13","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2025-03-24 15:03:18",[89],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5e51f301-026d-4ed7-82f8-96c1623bf95c?source=api-prod",{"id":91,"url_slug":92,"title":93,"description":94,"plugin_slug":4,"theme_slug":38,"affected_versions":70,"patched_in_version":71,"severity":41,"cvss_score":42,"cvss_vector":95,"vuln_type":96,"published_date":97,"updated_date":98,"references":99,"days_to_patch":48},"CVE-2024-12719","wordpress-file-upload-missing-authorization-to-authenticated-subscriber-limited-path-traversal","WordPress File Upload \u003C= 4.24.15 - Missing Authorization to Authenticated (Subscriber+) Limited Path Traversal","The WordPress File Upload plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wfu_ajax_action_read_subfolders' function in all versions up to, and including, 4.24.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform limited path traversal to view directories and subdirectories in WordPress. Files cannot be viewed.","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Missing Authorization","2025-01-06 00:00:00","2025-01-07 09:22:16",[100],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F314ae0f5-8a4e-4bf3-9fc9-49f5b036b99e?source=api-prod",{"id":102,"url_slug":103,"title":104,"description":105,"plugin_slug":4,"theme_slug":38,"affected_versions":106,"patched_in_version":107,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":86,"published_date":108,"updated_date":109,"references":110,"days_to_patch":48},"CVE-2024-9047","wordpress-file-upload-unauthenticated-path-traversal-to-arbitrary-file-read-and-deletion-in-wfufiledownloaderphp","WordPress File Upload \u003C= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php","The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier.","\u003C=4.24.11","4.24.12","2024-10-11 00:00:00","2024-10-12 06:51:13",[111],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F554a314c-9e8e-4691-9792-d086790ef40f?source=api-prod",{"id":113,"url_slug":114,"title":115,"description":116,"plugin_slug":4,"theme_slug":38,"affected_versions":117,"patched_in_version":118,"severity":83,"cvss_score":119,"cvss_vector":120,"vuln_type":121,"published_date":122,"updated_date":123,"references":124,"days_to_patch":48},"CVE-2024-7301","wordpress-file-upload-unauthenticated-stored-cross-site-scripting-via-svg-file-upload","WordPress File Upload \u003C= 4.24.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload","The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.","\u003C=4.24.8","4.24.9",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-08-15 16:20:06","2024-08-16 04:29:28",[125],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe2b16b9c-48c7-4370-839b-696797ff2101?source=api-prod",{"id":127,"url_slug":128,"title":129,"description":130,"plugin_slug":4,"theme_slug":38,"affected_versions":131,"patched_in_version":132,"severity":41,"cvss_score":133,"cvss_vector":134,"vuln_type":96,"published_date":135,"updated_date":136,"references":137,"days_to_patch":139},"CVE-2024-39639","wordpress-file-upload-missing-authorization","WordPress File Upload \u003C= 4.24.7 - Missing Authorization","The WordPress File Upload plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wfu_ajax_action_save_shortcode() function in versions up to, and including, 4.24.7. This makes it possible for authenticated attackers, with contributor-level access and above, to save shortcodes","\u003C=4.24.7","4.24.8",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","2024-08-01 00:00:00","2024-08-08 14:25:16",[138],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8fd93c96-36e9-4e9b-a7ef-b4dc6b7221a8?source=api-prod",8,{"id":141,"url_slug":142,"title":143,"description":144,"plugin_slug":4,"theme_slug":38,"affected_versions":131,"patched_in_version":132,"severity":83,"cvss_score":119,"cvss_vector":120,"vuln_type":121,"published_date":145,"updated_date":146,"references":147,"days_to_patch":149},"CVE-2024-6494","wordpress-file-upload-unauthenticated-stored-cross-site-scripting","WordPress File Upload \u003C= 4.24.7 - Unauthenticated Stored Cross-Site Scripting","The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom text fileds in all versions up to, and including, 4.24.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when the file uploader is added to a page\u002Fpost.","2024-07-16 00:00:00","2024-08-09 19:23:52",[148],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F332909d5-e3bf-42a7-af52-c4e50b05f97e?source=api-prod",25,{"id":151,"url_slug":152,"title":153,"description":154,"plugin_slug":4,"theme_slug":38,"affected_versions":131,"patched_in_version":132,"severity":41,"cvss_score":155,"cvss_vector":156,"vuln_type":121,"published_date":145,"updated_date":157,"references":158,"days_to_patch":149},"CVE-2024-6651","wordpress-file-upload-reflected-cross-site-scripting","WordPress File Upload \u003C= 4.24.7 - Reflected Cross-Site Scripting","The WordPress File Upload plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dir' parameter in all versions up to, and including, 4.24.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-08-09 19:22:01",[159],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9dc49d44-d4ba-49d8-96eb-547832fe4b5e?source=api-prod",{"id":161,"url_slug":162,"title":163,"description":164,"plugin_slug":4,"theme_slug":38,"affected_versions":131,"patched_in_version":132,"severity":41,"cvss_score":42,"cvss_vector":165,"vuln_type":86,"published_date":166,"updated_date":167,"references":168,"days_to_patch":48},"CVE-2024-5852","wordpress-file-upload-authenticated-contributor-directory-traversal","WordPress File Upload \u003C= 4.24.7 - Authenticated (Contributor+) Directory Traversal","The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.24.7 via the 'uploadpath' parameter of the wordpress_file_upload shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload limited files to arbitrary locations on the web server.","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2024-07-15 00:00:00","2024-07-16 08:32:32",[169],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F39bb69e0-fb18-4737-9eb7-bda2b5bc16a2?source=api-prod",{"id":171,"url_slug":172,"title":173,"description":174,"plugin_slug":4,"theme_slug":38,"affected_versions":175,"patched_in_version":176,"severity":41,"cvss_score":177,"cvss_vector":178,"vuln_type":121,"published_date":179,"updated_date":180,"references":181,"days_to_patch":183},"CVE-2024-2847","wordpress-file-upload-authenticated-contributor-stored-cross-site-scripting-via-shortcode","WordPress File Upload \u003C= 4.24.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.24.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=4.24.5","4.24.6",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-03-29 00:00:00","2024-05-31 15:30:49",[182],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9f665099-d1c3-43a9-b37b-c9f42c9172ad?source=api-prod",64,{"id":185,"url_slug":186,"title":187,"description":188,"plugin_slug":4,"theme_slug":38,"affected_versions":189,"patched_in_version":190,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":191,"updated_date":192,"references":193,"days_to_patch":195},"WF-b6048088-c11c-4741-8dde-da707f8f84f2-wp-file-upload","wordpress-file-upload-cross-site-request-forgery-2","Wordpress File Upload 4.24.0 - Cross-Site Request Forgery","The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.24.0. This is due to missing or incorrect nonce validation on the wfu_ajax_action_save_shortcode function. This makes it possible for unauthenticated attackers to save shortcodes via a forged request granted they can trick a site administrator or editor into performing an action such as clicking on a link.","\u003C=4.24.0","4.24.1","2023-11-14 00:00:00","2024-01-22 19:56:02",[194],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb6048088-c11c-4741-8dde-da707f8f84f2?source=api-prod",70,{"id":197,"url_slug":198,"title":199,"description":200,"plugin_slug":4,"theme_slug":38,"affected_versions":201,"patched_in_version":202,"severity":41,"cvss_score":203,"cvss_vector":204,"vuln_type":121,"published_date":205,"updated_date":192,"references":206,"days_to_patch":208},"CVE-2023-4811","wordpress-file-upload-authenticatedadministrator-stored-cross-site-scripting","Wordpress File Upload \u003C= 4.23.2 - Authenticated(Administrator+) Stored Cross-Site Scripting","The Wordpress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute in versions up to, and including, 4.23.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C4.23.3","4.23.3",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2023-09-12 00:00:00",[207],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0e1915d9-8ea9-4ab2-9746-3c49bc0bd7c8?source=api-prod",133,{"id":210,"url_slug":211,"title":212,"description":213,"plugin_slug":4,"theme_slug":38,"affected_versions":214,"patched_in_version":215,"severity":41,"cvss_score":133,"cvss_vector":216,"vuln_type":121,"published_date":217,"updated_date":192,"references":218,"days_to_patch":220},"WF-7534f2e5-a296-4c54-99e3-d84f5c9a5b51-wp-file-upload","wordpress-file-upload-cross-site-scripting","WordPress File Upload \u003C= 4.16.3 - Cross-Site Scripting","The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 4.16.3 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C=4.16.3","4.16.4","CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2022-05-15 00:00:00",[219],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7534f2e5-a296-4c54-99e3-d84f5c9a5b51?source=api-prod",618,{"id":222,"url_slug":223,"title":224,"description":225,"plugin_slug":4,"theme_slug":38,"affected_versions":226,"patched_in_version":227,"severity":41,"cvss_score":133,"cvss_vector":228,"vuln_type":121,"published_date":229,"updated_date":192,"references":230,"days_to_patch":232},"CVE-2021-24960","wordpress-file-upload-authenticated-contributor-stored-cross-site-scripting-via-malicious-svg","WordPress File Upload \u003C= 4.16.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Malicious SVG","The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks","\u003C4.16.3","4.16.3","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2022-02-14 00:00:00",[231],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F19e9a9f7-d2e3-4ebb-b121-99c7c81ede4f?source=api-prod",708,{"id":234,"url_slug":235,"title":236,"description":237,"plugin_slug":4,"theme_slug":38,"affected_versions":226,"patched_in_version":227,"severity":41,"cvss_score":133,"cvss_vector":228,"vuln_type":121,"published_date":229,"updated_date":192,"references":238,"days_to_patch":232},"CVE-2021-24961","wordpress-file-upload-authenticated-stored-cross-site-scripting-via-shortcode","WordPress File Upload \u003C= 4.16.2 - Authenticated Stored Cross-Site Scripting via Shortcode","The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks",[239],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F499483a0-957b-459e-b2f5-fc39c4f86c9e?source=api-prod",{"id":241,"url_slug":242,"title":243,"description":244,"plugin_slug":4,"theme_slug":38,"affected_versions":245,"patched_in_version":246,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":86,"published_date":247,"updated_date":248,"references":249,"days_to_patch":251},"CVE-2020-10564","wordpress-file-upload-directory-traversal-to-remote-code-execution","WordPress File Upload \u003C= 4.12.2 - Directory Traversal to Remote Code Execution","An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call.","\u003C=4.12.2","4.13.0","2020-03-13 00:00:00","2024-06-17 19:03:48",[250],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffb5a65a2-e748-4c23-8cae-cb0a7de74911?source=api-prod",1558,{"id":253,"url_slug":254,"title":255,"description":256,"plugin_slug":4,"theme_slug":38,"affected_versions":257,"patched_in_version":258,"severity":41,"cvss_score":155,"cvss_vector":156,"vuln_type":121,"published_date":259,"updated_date":192,"references":260,"days_to_patch":262},"CVE-2018-9844","wordpress-file-upload-stored-cross-site-scripting","WordPress File Upload \u003C= 4.3.3 - Stored Cross-Site Scripting","The WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.","\u003C4.3.4","4.3.4","2018-04-06 00:00:00",[261],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffd60fa87-d3da-4e3f-bd9b-b9d117bdbc4c?source=api-prod",2118,{"id":264,"url_slug":265,"title":266,"description":267,"plugin_slug":4,"theme_slug":38,"affected_versions":268,"patched_in_version":269,"severity":41,"cvss_score":270,"cvss_vector":271,"vuln_type":121,"published_date":272,"updated_date":192,"references":273,"days_to_patch":275},"CVE-2018-9172","wordpress-file-upload-cross-site-scripting-via-shortcodes","WordPress File Upload \u003C= 4.3.2 - Cross-Site Scripting via Shortcodes","The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes.","\u003C4.3.3","4.3.3",4.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:N\u002FI:L\u002FA:N","2018-03-31 00:00:00",[274],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7d65a987-e8a6-4615-b681-9f48b7caed4f?source=api-prod",2124,{"id":277,"url_slug":278,"title":279,"description":280,"plugin_slug":4,"theme_slug":38,"affected_versions":281,"patched_in_version":282,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":283,"published_date":284,"updated_date":192,"references":285,"days_to_patch":287},"WF-8ada8a27-752c-4726-b330-895b967ea290-wp-file-upload","wordpress-file-upload-arbitrary-file-upload-3","WordPress File Upload \u003C 3.9.0 - Arbitrary File Upload","The WordPress File Upload plugin is vulnerable to arbitrary file uploads due to insufficient file type validation in versions up to, and including, 3.8.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.","\u003C3.9.0","3.9.0","Unrestricted Upload of File with Dangerous Type","2016-06-23 00:00:00",[286],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8ada8a27-752c-4726-b330-895b967ea290?source=api-prod",2770,{"id":289,"url_slug":290,"title":291,"description":292,"plugin_slug":4,"theme_slug":38,"affected_versions":293,"patched_in_version":294,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":283,"published_date":295,"updated_date":192,"references":296,"days_to_patch":298},"CVE-2015-9341","wordpress-file-upload-arbitrary-file-upload-4","WordPress File Upload \u003C= 3.4.0 - Arbitrary File Upload","The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files.","\u003C3.4.1","3.4.1","2015-10-29 00:00:00",[297],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffd8e6b8a-0161-4bf7-b480-77258337e9b9?source=api-prod",3008,{"id":300,"url_slug":301,"title":302,"description":303,"plugin_slug":4,"theme_slug":38,"affected_versions":304,"patched_in_version":305,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":283,"published_date":306,"updated_date":192,"references":307,"days_to_patch":309},"CVE-2015-9340","wordpress-file-upload-arbitrary-file-upload-5","WordPress File Upload \u003C 3.0.0 - Arbitrary File Upload","The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files.","\u003C3.0.0","3.0.0","2015-07-02 00:00:00",[308],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fffeb4b5e-4c83-4b0e-a513-6b5cada95073?source=api-prod",3127,{"id":311,"url_slug":312,"title":313,"description":314,"plugin_slug":4,"theme_slug":38,"affected_versions":315,"patched_in_version":316,"severity":83,"cvss_score":317,"cvss_vector":318,"vuln_type":283,"published_date":319,"updated_date":192,"references":320,"days_to_patch":322},"CVE-2015-9339","wordpress-file-upload-arbitrary-file-upload","WordPress File Upload \u003C 2.7.1 - Arbitrary File Upload","The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files.","\u003C2.7.1","2.7.1",8.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:H\u002FA:N","2015-05-09 00:00:00",[321],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F65a02152-be62-4e27-8a31-e88f23e0236f?source=api-prod",3181,{"id":324,"url_slug":325,"title":326,"description":327,"plugin_slug":4,"theme_slug":38,"affected_versions":328,"patched_in_version":329,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":283,"published_date":330,"updated_date":192,"references":331,"days_to_patch":333},"CVE-2015-9338","wordpress-file-upload-arbitrary-file-upload-2","WordPress File Upload \u003C= 2.4.6 - Arbitrary File Upload","The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files.","\u003C=2.4.6","2.5.0","2015-01-23 00:00:00",[332],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F85bea3da-f54a-4a77-9abe-6c24bbdcc25c?source=api-prod",3287,{"id":335,"url_slug":336,"title":337,"description":338,"plugin_slug":4,"theme_slug":38,"affected_versions":339,"patched_in_version":340,"severity":41,"cvss_score":155,"cvss_vector":156,"vuln_type":121,"published_date":341,"updated_date":342,"references":343,"days_to_patch":345},"CVE-2014-125110","wordpress-file-upload-reflected-cross-site-scripting-2","WordPress File Upload \u003C= 2.4.3 - Reflected Cross-Site Scripting","The WordPress File Upload plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=2.4.3","2.4.4","2014-08-20 00:00:00","2024-04-24 14:10:51",[344],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa85eec18-49cc-44c0-ac86-ccc192a621a0?source=api-prod",3536,{"id":347,"url_slug":348,"title":349,"description":350,"plugin_slug":4,"theme_slug":38,"affected_versions":351,"patched_in_version":352,"severity":41,"cvss_score":353,"cvss_vector":354,"vuln_type":44,"published_date":355,"updated_date":192,"references":356,"days_to_patch":358},"CVE-2014-5199","wordpress-file-upload-cross-site-request-forgery","WordPress File Upload \u003C 2.4.2 - Cross-Site Request Forgery","Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors.","\u003C2.4.2","2.4.2",6.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:L\u002FI:L\u002FA:L","2014-08-08 00:00:00",[357],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb3083afd-ca84-4088-8e72-95254d56a0c0?source=api-prod",3455,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":48,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":360,"trust_score":195,"computed_at":361},1139,"2026-04-04T16:46:19.458Z",[363,388,415,436,453],{"slug":364,"name":365,"version":366,"author":367,"author_profile":368,"description":369,"short_description":370,"active_installs":371,"downloaded":372,"rating":373,"num_ratings":374,"last_updated":375,"tested_up_to":16,"requires_at_least":376,"requires_php":377,"tags":378,"homepage":383,"download_link":384,"security_score":385,"vuln_count":386,"unpatched_count":29,"last_vuln_date":387,"fetched_at":31},"drag-and-drop-multiple-file-upload-contact-form-7","Drag and Drop Multiple File Upload for Contact Form 7","1.3.9.6","Glen Don Mongaya","https:\u002F\u002Fprofiles.wordpress.org\u002Fglenwpcoder\u002F","\u003Cp>\u003Cstrong>Drag and Drop Multiple File Upload\u003C\u002Fstrong> is a simple, straightforward WordPress plugin extension for Contact Form 7, which allows the user to upload multiple files using the \u003Cstrong>drag-and-drop\u003C\u002Fstrong> feature or the common browse-file of your webform.\u003C\u002Fp>\n\u003Cp>Drag and Drop Multiple File Upload for Contact Form 7 is an independent plugin, not affiliated with or endorsed by the developers of Contact Form 7.\u003C\u002Fp>\n\u003Cp>Here’s a little \u003Ca href=\"http:\u002F\u002Fcodedropz.com\u002Fcontact\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>File Type Validation\u003C\u002Fli>\n\u003Cli>File Size Validation\u003C\u002Fli>\n\u003Cli>Ajax Uploader\u003C\u002Fli>\n\u003Cli>Limit number of files Upload.\u003C\u002Fli>\n\u003Cli>Limit files size for each field\u003C\u002Fli>\n\u003Cli>Can specify custom file types or extension\u003C\u002Fli>\n\u003Cli>Manage Text and Error message in admin settings\u003C\u002Fli>\n\u003Cli>Drag & Drop or Browse File – Multiple Upload\u003C\u002Fli>\n\u003Cli>Support Multiple Drag and Drop in One Form.\u003C\u002Fli>\n\u003Cli>Able to delete uploaded file before being sent\u003C\u002Fli>\n\u003Cli>Send files as \u003Cstrong>email attachment\u003C\u002Fstrong> or as a \u003Cstrong>links\u003C\u002Fstrong>. \u003Cem>(see note below)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>Support multiple languages\u003C\u002Fli>\n\u003Cli>Mobile Responsive\u003C\u002Fli>\n\u003Cli>Cool Progress Bar\u003C\u002Fli>\n\u003Cli>Compatible with any browser\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>PLUGIN GUIDE – FREE VERSION\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FDvuvmzIImYo?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> On Free version, all uploaded files moves to a temporary folder \u003Cem>(“\u002Fwp-content\u002Fuploads\u002Fwp_dndcf7_uploads”)\u003C\u002Fem> then attaches the file to the mail and sends it. After that \u003Cstrong>“Drag & Drop File Upload”\u003C\u002Fstrong> removes the file from the temporary folder \u003Cstrong>1 hour\u003C\u002Fstrong> after the submission. \u003Cem>( same process with the default \u003Cstrong>“file”\u003C\u002Fstrong> upload of Contact Form 7 – \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Ffile-uploading-and-attachment\u002F#How-your-uploaded-files-are-managed\" rel=\"nofollow ugc\">See here\u003C\u002Fa> )\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>To \u003Cstrong>adjust\u003C\u002Fstrong> or \u003Cstrong>disable\u003C\u002Fstrong> the auto-deletion feature, we suggest upgrading to the \u003Cstrong>PRO version\u003C\u002Fstrong> for more options \u003Cem>(see below)\u003C\u002Fem>.\u003C\u002Fp>\n\u003Ch3>⭐ Premium Features ⭐\u003C\u002Fh3>\n\u003Cp>Check out the available features in the \u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fdrag-drop-multiple-file-upload-for-contact-form-7\u002F#shop\" rel=\"nofollow ugc\">\u003Cstrong>PRO version\u003C\u002Fstrong>\u003C\u002Fa>.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Upload Large File\u003C\u002Fstrong> – Supports uploading large files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Preview\u003C\u002Fstrong> – Displays thumbnails for images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Delete Files\u003C\u002Fstrong> – Automatically deletes files after a set time \u003Cem>(hours, weeks, days, months, etc)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zip Files\u003C\u002Fstrong> – Compress uploaded files into a ZIP archive\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Save Files to Media Library\u003C\u002Fstrong> – Store files in the WordPress media library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change Upload Directory\u003C\u002Fstrong> – Customize the default WordPress upload directory.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upload Folder\u003C\u002Fstrong> – 📂 Choose a custom folder to store files:\u003Cbr \u002F>\n✅ Contact Form 7 Fields: Use any field name\u003Cbr \u002F>\n✅ Generated Date & Time: Timestamp-based folders\u003Cbr \u002F>\n✅ Random Folder: Auto-generated letters & numbers\u003Cbr \u002F>\n✅ By User: Requires login to store files in the user’s email or first name.\u003Cbr \u002F>\n✅ Custom Folder: Manually input a folder name\u003Cbr \u002F>\n✅ Dynamic Folder: \u003Cem>User (name, id), Post (id, slug), CF7 field\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Send as Attachments, Zip, or Links\u003C\u002Fstrong> – Flexible file delivery options.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Chunked Uploads\u003C\u002Fstrong> – Upload large files in smaller chunks to avoid timeouts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Max Total Size\u003C\u002Fstrong> – Set the maximum combined size for all uploaded files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Parallel Upload\u003C\u002Fstrong> – Limit simultaneous uploads to optimize server performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Filename\u003C\u002Fstrong> – Define custom filename patterns: \u003Cem>( {filename}, {cf7-field-name}, {ip_address}, {random}, {post_id}, {post_slug}, etc. )\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Color Options\u003C\u002Fstrong> – Customize colors for \u003Cstrong>file size\u003C\u002Fstrong>, \u003Cstrong>progress bar\u003C\u002Fstrong>, \u003Cstrong>filename\u003C\u002Fstrong>, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Prevent Duplicate\u003C\u002Fstrong> – Disable button to prevent duplicate submissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Theme\u003C\u002Fstrong> – Switch between \u003Cstrong>“Dark”\u003C\u002Fstrong> or \u003Cstrong>“Light”\u003C\u002Fstrong> themes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Form Entries\u003C\u002Fstrong> – Store form entries in WordPress admin.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Remote Storage Integration\u003C\u002Fstrong>\u003Cbr \u002F>\n🔥 Supports: \u003Cstrong>OneDrive\u003C\u002Fstrong>, \u003Cstrong>Google Drive\u003C\u002Fstrong>, \u003Cstrong>Amazon S3\u003C\u002Fstrong>, \u003Cstrong>Dropbox\u003C\u002Fstrong>, \u003Cstrong>FTP\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Size Validation\u003C\u002Fstrong> – Ensure images meet required width and height.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Resize\u003C\u002Fstrong> – Supports image resizing (e.g., 800×800). \u003Cem>(\u003Cstrong>Standard\u003C\u002Fstrong> Version Only)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimize Image\u003C\u002Fstrong> – Optimize images after resizing. \u003Cem>(\u003Cstrong>Standard\u003C\u002Fstrong> Version Only)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong> – Ensure security with regular updates, vulnerability scans, and threat protection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized Code & Performance\u003C\u002Fstrong> – Improve speed and efficiency.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Pro version\u003C\u002Fstrong> is also compatible with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact Form 7 Add-on – Arshid\u003C\u002Fli>\n\u003Cli>Database for Contact Form 7- Ninja\u003C\u002Fli>\n\u003Cli>Advanced Contact form 7 DB – Vsourz Digital\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can get \u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fdrag-drop-multiple-file-upload-for-contact-form-7\u002F#shop\" rel=\"nofollow ugc\">PRO Version here\u003C\u002Fa>!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PRO VERSION – PLUGIN OVERVIEW\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FPoQA4KmIETA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Other Plugins You May Like\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fwoo-order-files\u002F\" rel=\"nofollow ugc\">Order Files for WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\nAn extension that attach files to existing WooCommerce orders, allowing both customers and admins to upload and manage files easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-file-upload-approval\u002F\" rel=\"ugc\">Easy File Upload & Approval\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Easy File Upload & Approval\u003C\u002Fstrong> – A simple file management plugin that lets users effortlessly upload and submit files for review through a clean and simple drag-and-drop interface.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdrag-and-drop-multiple-file-upload-for-woocommerce\u002F\" rel=\"ugc\">Drag & Drop Multiple File Upload – WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\nAn extension for \u003Cstrong>WooCommerce\u003C\u002Fstrong> – Transform your simple file upload into beautiful \u003Cstrong>“Drag & Drop Multiple File Upload”\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fdrag-drop-file-uploader-wpforms\u002F\" rel=\"nofollow ugc\">Drag & Drop Multiple File Upload – WPForms\u003C\u002Fa>\u003Cbr \u002F>\nAn extension for \u003Cstrong>WPForms\u003C\u002Fstrong> – Transform your simple file upload into beautiful \u003Cstrong>“Drag & Drop Multiple File Upload”\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","This simple plugin create Drag & Drop or choose Multiple File upload in your Confact Form 7 Forms.",60000,1252411,96,94,"2026-03-05T05:19:00.000Z","3.0.1","5.2.4",[379,380,381,382,24],"ajax-uploader","contact-form-7","drag-and-drop","multiple-file","http:\u002F\u002Fcodedropz.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdrag-and-drop-multiple-file-upload-contact-form-7.1.3.9.6.zip",81,14,"2026-03-05 06:23:44",{"slug":389,"name":390,"version":391,"author":392,"author_profile":393,"description":394,"short_description":395,"active_installs":396,"downloaded":397,"rating":398,"num_ratings":399,"last_updated":400,"tested_up_to":401,"requires_at_least":402,"requires_php":403,"tags":404,"homepage":410,"download_link":411,"security_score":412,"vuln_count":413,"unpatched_count":29,"last_vuln_date":414,"fetched_at":31},"mega-forms","Contact Form By Mega Forms – Drag and Drop Form Builder","1.6.9","Ali Khallad","https:\u002F\u002Fprofiles.wordpress.org\u002Falikhallad\u002F","\u003Cp>Mega Forms is highly advanced contact form builder for WordPress, it comes with all the contact form features you will ever need, including AJAX submission, multi-page contact forms, secure file uploads, conditional logic, save and continue, user creation, front end posting, and tons more. You can use Mega Forms to save time, grow customer interaction, and build better contact forms for any purpose.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpmegaforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=wp-repo\" rel=\"nofollow ugc\">Mega Forms\u003C\u002Fa> gives you a modern interface, easy customization, and the ability to build modern & professional forms thanks to our intuitive drag & drop visual editor.\u003C\u002Fp>\n\u003Cp>Now you can create better forms, embed them anywhere on your WordPress website, get email notification for each submission, perform custom tasks, and collect & manage data without being a coding ninja.\u003C\u002Fp>\n\u003Cp>Mega Forms contact forms are also highly optimized for web and server performance. We know how important speed is when it comes to SEO and user experience, that’s why we have built every piece of Mega Forms with performance and usability in mind. Mega Forms will load the least possible amount of CSS & JS assets, and only store necessary data to the database to keep your website fast and provide your users with better experience.\u003C\u002Fp>\n\u003Ch4>No Coding Skills Required\u003C\u002Fh4>\n\u003Cp>No technical skill? No problem. You can easily design simple and complex forms with our highly advanced visual builder. Mega Forms offers a flexible row\u002Fcolumn layout system that requires very minimal effort to build forms that blends nicely with your website design.\u003C\u002Fp>\n\u003Ch4>Developer Friendly\u003C\u002Fh4>\n\u003Cp>Mega Forms has been built with developers in mind. This means it’s flexible, easily extendable, and full of action and filter hooks, making it easy to customize to your own needs.\u003C\u002Fp>\n\u003Ch4>Top Features\u003C\u002Fh4>\n\u003Cp>Mega Forms comes with a visual editor and ton of other features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Intuitive user interface\u003C\u002Fli>\n\u003Cli>Drag & drop form builder\u003C\u002Fli>\n\u003Cli>Optimized for speed & performance\u003C\u002Fli>\n\u003Cli>Tons of free field types ( text, select, radio, checkboxes and more )\u003C\u002Fli>\n\u003Cli>Regular updates & dedicated support\u003C\u002Fli>\n\u003Cli>Fully responsive & mobile friendly\u003C\u002Fli>\n\u003Cli>Unlimited forms & form submission\u003C\u002Fli>\n\u003Cli>Merge tags support\u003C\u002Fli>\n\u003Cli>Multi-steps support\u003C\u002Fli>\n\u003Cli>Conditional logic support ( for fields, form notifications and more )\u003C\u002Fli>\n\u003Cli>Save And Continue Later support\u003C\u002Fli>\n\u003Cli>Front end posting & User creation\u003C\u002Fli>\n\u003Cli>Export and import forms\u003C\u002Fli>\n\u003Cli>Export entries\u003C\u002Fli>\n\u003Cli>Customizable templates\u003C\u002Fli>\n\u003Cli>Full control ( styles, email templates, field templates and more )\u003C\u002Fli>\n\u003Cli>Developer friendly\u003C\u002Fli>\n\u003Cli>Highly effective Anti-spam system ( invisible to users )\u003C\u002Fli>\n\u003Cli>reCaptcha support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Available Extensions ( third-party )\u003C\u002Fh4>\n\u003Cp>The following extensions above are provided by third-party developers, we do not manage or support these extensions.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flichtmetzger\u002Fmega-forms-local-captcha\" rel=\"nofollow ugc\">Local captcha by MobiCMS\u003C\u002Fa>: Integrates a local captcha by MobiCMS into Mega Forms.\u003C\u002Fli>\n\u003C\u002Ful>\n","Contact form builder that allows you to create forms for any purpose. Drag & drop form fields to build modern, professional contact forms in minutes.",200,10529,100,11,"2026-01-20T16:08:00.000Z","6.8.5","5.0","7.4",[405,406,407,408,409],"ajax-forms","custom-form","drag-and-drop-form-builder","file-upload-forms","multi-step-ajax-form","http:\u002F\u002Fwpmegaforms.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmega-forms.zip",98,2,"2025-09-03 00:00:00",{"slug":416,"name":417,"version":418,"author":419,"author_profile":420,"description":421,"short_description":422,"active_installs":11,"downloaded":423,"rating":412,"num_ratings":424,"last_updated":425,"tested_up_to":16,"requires_at_least":426,"requires_php":403,"tags":427,"homepage":432,"download_link":433,"security_score":434,"vuln_count":48,"unpatched_count":29,"last_vuln_date":435,"fetched_at":31},"multiline-files-for-contact-form-7","MultiLine Files for Contact Form 7","3.1.0","Maulik Vora","https:\u002F\u002Fprofiles.wordpress.org\u002Fzluck\u002F","\u003Cp>\u003Cstrong>MultiLine Files for Contact Form 7\u003C\u002Fstrong> is the ultimate solution for adding multiple file upload functionality to your Contact Form 7 forms. Whether you’re collecting documents, images, videos, or any other file types, this plugin provides a seamless, user-friendly experience that enhances your forms’ capabilities.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Choose MultiLine Files for Contact Form 7?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>✅ \u003Cstrong>Unlimited File Uploads\u003C\u002Fstrong> – No restrictions on the number of files users can upload\u003Cbr \u002F>\n✅ \u003Cstrong>Intuitive User Interface\u003C\u002Fstrong> – Clean, responsive design that works on all devices\u003Cbr \u002F>\n✅ \u003Cstrong>Smart File Management\u003C\u002Fstrong> – Users can preview, remove, and manage files before submission\u003Cbr \u002F>\n✅ \u003Cstrong>Automatic ZIP Compression\u003C\u002Fstrong> – All files are automatically compressed into a single ZIP file for easy email delivery\u003Cbr \u002F>\n✅ \u003Cstrong>Advanced Security\u003C\u002Fstrong> – Built-in file type validation, size limits, and security measures\u003Cbr \u002F>\n✅ \u003Cstrong>Easy Integration\u003C\u002Fstrong> – Works seamlessly with Contact Form 7 without complex setup\u003Cbr \u002F>\n✅ \u003Cstrong>Fully Responsive\u003C\u002Fstrong> – Perfect experience on desktop, tablet, and mobile devices\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Perfect For:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Document submission forms\u003C\u002Fli>\n\u003Cli>Portfolio uploads\u003C\u002Fli>\n\u003Cli>Job application forms\u003C\u002Fli>\n\u003Cli>Support ticket systems\u003C\u002Fli>\n\u003Cli>Content submission platforms\u003C\u002Fli>\n\u003Cli>Any form requiring multiple file attachments\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How to change style?\u003C\u002Fh3>\n\u003Cp>If you want to change our plugin button or others file listing style and apply your custom style please add your custom css in your theme’s css file. Adding style in child theme is recommended. Here I have shown style guide for button and listing. so, you can easily update style of the elements.\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Buttton style:\u003C\u002Fstrong> \u003Ccode>#mfcf7_zl_add_file { background-color: #004834; }\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>‘X’ icon style:\u003C\u002Fstrong> \u003Ccode>.mfcf7_zl_multifilecontainer p .mfcf7_zl_delete_file i { color: azure; }\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Selected file name style:\u003C\u002Fstrong> \u003Ccode>.mfcf7-zl-multifile-name { color: black; }\u003C\u002Fcode>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Premium Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Upgrade to Pro for Advanced Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>🎯 \u003Cstrong>Multiple Upload Buttons\u003C\u002Fstrong> – Add multiple file upload fields in the same form\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>File Limits\u003C\u002Fstrong> – Set minimum and maximum file count limits\u003C\u002Fli>\n\u003Cli>🎨 \u003Cstrong>Custom Positioning\u003C\u002Fstrong> – Change the location of the file list display\u003C\u002Fli>\n\u003Cli>🗑️ \u003Cstrong>Individual File Removal\u003C\u002Fstrong> – Remove files one by one even when selected together\u003C\u002Fli>\n\u003Cli>🚀 \u003Cstrong>Priority Support\u003C\u002Fstrong> – Get faster response times and dedicated support\u003C\u002Fli>\n\u003Cli>🔧 \u003Cstrong>Advanced Customization\u003C\u002Fstrong> – More styling and configuration options\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002F1.envato.market\u002F9W6qL4\" rel=\"nofollow ugc\">Get Pro Version Now\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Need Help?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>📧 \u003Cstrong>Email Support\u003C\u002Fstrong>: Contact us through the WordPress.org support forums\u003C\u002Fli>\n\u003Cli>🐛 \u003Cstrong>Bug Reports\u003C\u002Fstrong>: Report issues on our GitHub repository\u003C\u002Fli>\n\u003Cli>💡 \u003Cstrong>Feature Requests\u003C\u002Fstrong>: Suggest new features via our support channels\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>This plugin does not collect, store, or transmit any personal data. All file uploads are handled locally on your server and are not sent to any third-party services. Files are temporarily stored during form submission and are automatically cleaned up after processing.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fzluck\" rel=\"nofollow ugc\">Zluck Solutions\u003C\u002Fa> with ❤️ for the WordPress community.\u003C\u002Fp>\n\u003Ch3>Donate\u003C\u002Fh3>\n\u003Cp>If you find this plugin helpful, please consider \u003Ca href=\"https:\u002F\u002Fwww.buymeacoffee.com\u002Fzluck\" rel=\"nofollow ugc\">buying us a coffee\u003C\u002Fa> to support continued development and maintenance.\u003C\u002Fp>\n","Upload unlimited files to Contact Form 7 with an intuitive interface, file management, and automatic ZIP compression for email delivery.",124058,49,"2025-12-15T11:24:00.000Z","5.6",[380,428,429,430,431],"file-attachment","file-uploader","form-plugin","multiple-file-upload","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultiline-files-for-contact-form-7\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultiline-files-for-contact-form-7.3.1.0.zip",99,"2024-10-15 00:00:00",{"slug":437,"name":438,"version":439,"author":367,"author_profile":368,"description":440,"short_description":441,"active_installs":442,"downloaded":443,"rating":412,"num_ratings":444,"last_updated":445,"tested_up_to":16,"requires_at_least":376,"requires_php":377,"tags":446,"homepage":448,"download_link":449,"security_score":450,"vuln_count":451,"unpatched_count":29,"last_vuln_date":452,"fetched_at":31},"drag-and-drop-multiple-file-upload-for-woocommerce","Drag and Drop Multiple File Upload for WooCommerce","1.1.7","\u003Cp>\u003Cstrong>Drag and Drop Multiple File Uploader\u003C\u002Fstrong> is a simple, straightforward WordPress plugin extension for WooCommerce that transforms your standard upload interface into a visually appealing file uploader. it allows users to upload multiple files using either the \u003Cstrong>drag-and-drop\u003C\u002Fstrong> feature or the common file browsing option on your product page.\u003C\u002Fp>\n\u003Cp>Plugin requires at least v3.5.0 of WooCommerce.\u003C\u002Fp>\n\u003Cp>Here’s a little \u003Ca href=\"https:\u002F\u002Fwoo-commerce.codedropz.com\u002Fproduct\u002Fcap\u002F\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>File Type Validation\u003C\u002Fli>\n\u003Cli>File Size Validation\u003C\u002Fli>\n\u003Cli>Ajax Uploader\u003C\u002Fli>\n\u003Cli>Limit number of files Upload.\u003C\u002Fli>\n\u003Cli>Limit files size for each field\u003C\u002Fli>\n\u003Cli>Can specify custom file types or extension\u003C\u002Fli>\n\u003Cli>Manage Text and Error message in admin settings\u003C\u002Fli>\n\u003Cli>Drag & Drop or Browse File – Multiple Upload\u003C\u002Fli>\n\u003Cli>Display Uploader in WooCommerce – Single Product Page\u003C\u002Fli>\n\u003Cli>Option to display in “Add to Cart Form”, “Variations Form”, “Add To Cart Button”, “Single Variation”.\u003C\u002Fli>\n\u003Cli>Able to delete uploaded file before adding to cart\u003C\u002Fli>\n\u003Cli>Support multiple languages\u003C\u002Fli>\n\u003Cli>Mobile Responsive\u003C\u002Fli>\n\u003Cli>Compatible with any browser\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>⭐ Premium Features\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Upload Large File\u003C\u002Fstrong> – Supports uploading large files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Image Preview\u003C\u002Fstrong> – Displays thumbnails for images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text & Style\u003C\u002Fstrong> – Color options, borders, uploader icon, and more.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Parallel Upload\u003C\u002Fstrong> – Limit simultaneous uploads to optimize server performance.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Filename\u003C\u002Fstrong> – Define custom filename patterns: \u003Cem>(Filename, Username, User ID, IP Address, Random, etc)\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Change Upload Directory\u003C\u002Fstrong> – Customize the default WordPress upload directory.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Upload Folder\u003C\u002Fstrong> – 📂 Choose a custom folder to store files:\u003Cbr \u002F>\n✅ Order No – Customer Order Number\u003Cbr \u002F>\n✅ Random – Auto-generated  Numbers\u003Cbr \u002F>\n✅ Date – Date formmat \u003Cem>(e.g., 04-31-2020)\u003C\u002Fem>\u003Cbr \u002F>\n✅ Time – Timestamp\u003Cbr \u002F>\n✅ Name – Users customer Firstname\u003Cbr \u002F>\n✅ Customer ID – Users customer ID\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Fees\u003C\u002Fstrong> – Basic conditional fees.\u003Cbr \u002F>\n✅ Charge the user based on the \u003Cstrong>no. of files\u003C\u002Fstrong> \u003Cem>(e.g., 20 files ≥ 2 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> add $20)\u003C\u002Fem>.\u003Cbr \u002F>\n✅ Charge the user based on \u003Cstrong>PDF pages\u003C\u002Fstrong> \u003Cem>(e.g., 20 pages ≥ 10 \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> multiply $2)\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove\u002FReject Files\u003C\u002Fstrong> – Able to remove or delete files in admin orders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Chunked Uploads\u003C\u002Fstrong> – Upload large files in smaller chunks to avoid timeouts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uploader Visibility\u003C\u002Fstrong> – Show based on (Categories, Products, Tags, Attributes).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uploader Position\u003C\u002Fstrong> – Show \u003Cstrong>before\u003C\u002Fstrong> or \u003Cstrong>after\u003C\u002Fstrong> Add to Cart, Form, or Variations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uploader Display\u003C\u002Fstrong> – Show on either the \u003Cstrong>“Checkout”\u003C\u002Fstrong> or \u003Cstrong>“Product”\u003C\u002Fstrong> page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ZIP Files\u003C\u002Fstrong> – Compress uploaded files into a ZIP archive\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seamless Remote Storage Integration\u003C\u002Fstrong> (New)\u003Cbr \u002F>\n🔥 Supports: \u003Cstrong>Google Drive\u003C\u002Fstrong>, \u003Cstrong>Amazon S3\u003C\u002Fstrong>, \u003Cstrong>Dropbox\u003C\u002Fstrong>, \u003Cstrong>FTP\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attach Files to Email\u003C\u002Fstrong> (New) – Include uploaded files in order confirmation emails.\u003Cbr \u002F>\n📝 \u003Cstrong>Note:\u003C\u002Fstrong> Works only with \u003Cstrong>standard storage\u003C\u002Fstrong> \u003Cem>(not compatible with remote storage)\u003C\u002Fem>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ajax Upload\u003C\u002Fstrong> – Upload files without page reload for a seamless experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Uploads\u003C\u002Fstrong> – Users can upload as many files as needed.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security\u003C\u002Fstrong> – Ensure security with regular updates, vulnerability scans, and threat protection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized Code & Performance\u003C\u002Fstrong> – Improve speed and efficiency.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Unlimited Sites\u003C\u002Fstrong> – Use on any number of websites without restrictions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>1 Month Premium Support\u003C\u002Fstrong> – Get priority assistance for one month.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multilingual Support\u003C\u002Fstrong> – Compatible with \u003Cstrong>WPML\u003C\u002Fstrong> and \u003Cstrong>Polylang\u003C\u002Fstrong> for translations.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Pro version \u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fwoo-commerce-pro\u002Fshop\u002F\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You can get \u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fwoocommerce-drag-drop-multiple-file-upload\u002F\" rel=\"nofollow ugc\">PRO Version here!\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PRO VERSION – PLUGIN OVERVIEW\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FHoI6roau2Cc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Other Plugin You May Like\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fwoo-order-files\u002F\" rel=\"nofollow ugc\">Order Files for WooCommerce\u003C\u002Fa>\u003Cbr \u002F>\n**An extension that attach files to existing WooCommerce orders, allowing both customers and admins to upload and manage files easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-file-upload-approval\u002F\" rel=\"ugc\">Easy File Upload & Approval\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Easy File Upload & Approval\u003C\u002Fstrong> – A simple file management plugin that lets users effortlessly upload and submit files for review through a clean and simple drag-and-drop interface.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fdrag-and-drop-multiple-file-upload-contact-form-7\u002F\" rel=\"ugc\">Drag & Drop Multiple File Upload – Contact Form 7\u003C\u002Fa>\u003Cbr \u002F>\nDrag & Drop File Upload extension for \u003Cstrong>Contact Form 7\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.codedropz.com\u002Fdrag-drop-file-uploader-wpforms\u002F\" rel=\"nofollow ugc\">Drag & Drop Multiple File Upload – WPForms\u003C\u002Fa>\u003Cbr \u002F>\nDrag & Drop File Upload extension for \u003Cstrong>WPForms\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Donations\u003C\u002Fh3>\n\u003Cp>Would you like to support the advancement of this plugin? \u003Ca href=\"http:\u002F\u002Fcodedropz.com\u002Fdonation\" rel=\"nofollow ugc\">Donate\u003C\u002Fa>\u003C\u002Fp>\n","Drag and Drop Multiple File Uploader is a simple, straightforward WordPress plugin extension for WooCommerce.",5000,78657,20,"2026-03-11T05:12:00.000Z",[379,381,382,24,447],"woocommerce","https:\u002F\u002Fwww.codedropz.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdrag-and-drop-multiple-file-upload-for-woocommerce.1.1.7.zip",86,4,"2025-05-08 20:19:50",{"slug":454,"name":455,"version":456,"author":457,"author_profile":458,"description":459,"short_description":460,"active_installs":442,"downloaded":461,"rating":462,"num_ratings":463,"last_updated":464,"tested_up_to":465,"requires_at_least":466,"requires_php":18,"tags":467,"homepage":471,"download_link":472,"security_score":473,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"multifile-upload-field-for-contact-form-7","Multifile Upload Field for Contact Form 7","1.0.1","Nitroweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fspyrosvl\u002F","\u003Cp>It adds multiple file upload capability to Contact Form 7. You may also attach the files to the outgoing email. You will reveive all files in one zip file. It requires ZipArchive() installed and enable in PHP.\u003C\u002Fp>\n","Multiple files upload field addon for Contact Form 7",48873,66,10,"2017-11-28T21:40:00.000Z","4.7.32","4.3",[468,469,470,22],"contact","contact-form","contact-form-7-multiple-files-upload","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultifile-upload-field-for-contact-form-7\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultifile-upload-field-for-contact-form-7.1.0.1.zip",85,{"attackSurface":475,"codeSignals":625,"taintFlows":648,"riskAssessment":703,"analyzedAt":725},{"hooks":476,"ajaxHandlers":544,"restRoutes":613,"shortcodes":614,"cronEvents":623,"entryPointCount":624,"unprotectedCount":28},[477,483,487,491,495,499,503,507,512,514,517,520,523,526,528,531,535,540],{"type":478,"name":479,"callback":480,"file":481,"line":482},"action","plugins_loaded","wordpress_file_upload_update_db_check","wfu_loader.php",47,{"type":478,"name":484,"callback":485,"priority":29,"file":481,"line":486},"init","wordpress_file_upload_textdomain",50,{"type":478,"name":488,"callback":489,"file":481,"line":490},"widgets_init","register_wfu_widget",52,{"type":478,"name":492,"callback":493,"file":481,"line":494},"admin_init","wordpress_file_upload_admin_init",54,{"type":478,"name":496,"callback":497,"file":481,"line":498},"admin_menu","wordpress_file_upload_add_admin_pages",55,{"type":478,"name":500,"callback":501,"file":481,"line":502},"wp_enqueue_scripts","wfu_enqueue_frontpage_scripts",58,{"type":478,"name":500,"callback":504,"priority":505,"file":481,"line":506},"wfu_enqueue_materialui_frontpage_scripts",9999999999,59,{"type":478,"name":508,"callback":509,"priority":510,"file":481,"line":511},"wp_before_admin_bar_render","wfu_admin_toolbar_new_uploads",999,62,{"type":478,"name":508,"callback":513,"priority":510,"file":481,"line":183},"wfu_admin_toolbar_admin_notifications",{"type":478,"name":515,"callback":516,"priority":463,"file":481,"line":462},"parse_comment_query","wfu_exclude_notifications_from_comments",{"type":478,"name":518,"callback":519,"file":481,"line":373},"show_user_profile","wfu_show_consent_profile_fields",{"type":478,"name":521,"callback":519,"file":481,"line":522},"edit_user_profile",97,{"type":478,"name":524,"callback":525,"file":481,"line":412},"personal_options_update","wfu_update_consent_profile_fields",{"type":478,"name":527,"callback":525,"file":481,"line":434},"edit_user_profile_update",{"type":478,"name":529,"callback":530,"file":481,"line":398},"wfu_daily_scheduled_events","wfu_execute_daily_tasks",{"type":478,"name":532,"callback":533,"priority":399,"file":481,"line":534},"attachment_submitbox_misc_actions","wfu_media_editor_properties",102,{"type":536,"name":537,"callback":538,"priority":463,"file":481,"line":539},"filter","wfu_before_upload","wfu_consent_ask_server_handler",104,{"type":536,"name":541,"callback":542,"priority":463,"file":481,"line":543},"_wfu_before_upload","wfu_classic_before_upload_handler",106,[545,550,553,555,557,560,562,565,567,569,570,573,576,579,581,583,586,588,590,592,594,596,599,602,605,608,611],{"action":546,"nopriv":547,"callback":548,"hasNonce":547,"hasCapCheck":547,"file":481,"line":549},"wfu_ajax_action",false,"wfu_ajax_action_callback",68,{"action":546,"nopriv":551,"callback":548,"hasNonce":547,"hasCapCheck":547,"file":481,"line":552},true,69,{"action":554,"nopriv":547,"callback":554,"hasNonce":547,"hasCapCheck":547,"file":481,"line":195},"wfu_ajax_action_ask_server",{"action":554,"nopriv":551,"callback":554,"hasNonce":547,"hasCapCheck":547,"file":481,"line":556},71,{"action":558,"nopriv":547,"callback":558,"hasNonce":547,"hasCapCheck":547,"file":481,"line":559},"wfu_ajax_action_cancel_upload",72,{"action":558,"nopriv":551,"callback":558,"hasNonce":547,"hasCapCheck":547,"file":481,"line":561},73,{"action":563,"nopriv":547,"callback":563,"hasNonce":547,"hasCapCheck":547,"file":481,"line":564},"wfu_ajax_action_send_email_notification",74,{"action":563,"nopriv":551,"callback":563,"hasNonce":547,"hasCapCheck":547,"file":481,"line":566},75,{"action":568,"nopriv":547,"callback":568,"hasNonce":547,"hasCapCheck":547,"file":481,"line":64},"wfu_ajax_action_notify_wpfilebase",{"action":568,"nopriv":551,"callback":568,"hasNonce":547,"hasCapCheck":547,"file":481,"line":76},{"action":571,"nopriv":547,"callback":571,"hasNonce":547,"hasCapCheck":547,"file":481,"line":572},"wfu_ajax_action_save_shortcode",78,{"action":574,"nopriv":547,"callback":574,"hasNonce":547,"hasCapCheck":547,"file":481,"line":575},"wfu_ajax_action_check_page_contents",79,{"action":577,"nopriv":547,"callback":577,"hasNonce":547,"hasCapCheck":547,"file":481,"line":578},"wfu_ajax_action_read_subfolders",80,{"action":580,"nopriv":547,"callback":580,"hasNonce":547,"hasCapCheck":547,"file":481,"line":385},"wfu_ajax_action_download_file_invoker",{"action":580,"nopriv":551,"callback":580,"hasNonce":547,"hasCapCheck":547,"file":481,"line":582},82,{"action":584,"nopriv":547,"callback":584,"hasNonce":547,"hasCapCheck":547,"file":481,"line":585},"wfu_ajax_action_download_file_monitor",83,{"action":584,"nopriv":551,"callback":584,"hasNonce":547,"hasCapCheck":547,"file":481,"line":587},84,{"action":589,"nopriv":547,"callback":589,"hasNonce":547,"hasCapCheck":547,"file":481,"line":473},"wfu_ajax_action_edit_shortcode",{"action":591,"nopriv":547,"callback":591,"hasNonce":547,"hasCapCheck":547,"file":481,"line":450},"wfu_ajax_action_gutedit_shortcode",{"action":593,"nopriv":547,"callback":593,"hasNonce":547,"hasCapCheck":547,"file":481,"line":27},"wfu_ajax_action_get_historylog_page",{"action":595,"nopriv":547,"callback":595,"hasNonce":547,"hasCapCheck":547,"file":481,"line":13},"wfu_ajax_action_get_uploadedfiles_page",{"action":597,"nopriv":547,"callback":597,"hasNonce":547,"hasCapCheck":547,"file":481,"line":598},"wfu_ajax_action_get_adminbrowser_page",89,{"action":600,"nopriv":547,"callback":600,"hasNonce":547,"hasCapCheck":547,"file":481,"line":601},"wfu_ajax_action_get_remotefiles_page",90,{"action":603,"nopriv":547,"callback":603,"hasNonce":547,"hasCapCheck":547,"file":481,"line":604},"wfu_ajax_action_include_file",91,{"action":606,"nopriv":547,"callback":606,"hasNonce":547,"hasCapCheck":547,"file":481,"line":607},"wfu_ajax_action_update_envar",92,{"action":609,"nopriv":547,"callback":609,"hasNonce":547,"hasCapCheck":547,"file":481,"line":610},"wfu_ajax_action_transfer_command",93,{"action":612,"nopriv":547,"callback":612,"hasNonce":547,"hasCapCheck":547,"file":481,"line":374},"wfu_ajax_action_pdusers_get_users",[],[615,619],{"tag":616,"callback":617,"file":481,"line":618},"wordpress_file_upload","wordpress_file_upload_handler",40,{"tag":620,"callback":621,"file":481,"line":622},"wfu_block_inline_js","wordpress_file_upload_block_inline_js_handler",42,[],29,{"dangerousFunctions":626,"sqlUsage":627,"outputEscaping":629,"fileOperations":463,"externalRequests":29,"nonceChecks":646,"capabilityChecks":413,"bundledLibraries":647},[],{"prepared":29,"raw":29,"locations":628},[],{"escaped":630,"rawEcho":631,"locations":632},101,7,[633,636,637,638,639,641,643],{"file":634,"line":462,"context":635},"templates\\uploader-MaterialUI.php","raw output",{"file":634,"line":598,"context":635},{"file":634,"line":601,"context":635},{"file":634,"line":604,"context":635},{"file":634,"line":640,"context":635},154,{"file":634,"line":642,"context":635},172,{"file":644,"line":645,"context":635},"wfu_file_downloader.php",138,3,[],[649,665],{"entryPoint":650,"graph":651,"unsanitizedCount":48,"severity":41},"wfu_read_downloader_data (wfu_file_downloader.php:23)",{"nodes":652,"edges":663},[653,657],{"id":654,"type":655,"label":656,"file":644,"line":149},"n0","source","$_GET",{"id":658,"type":659,"label":660,"file":644,"line":661,"wp_function":662},"n1","sink","file_get_contents() [SSRF\u002FLFI]",32,"file_get_contents",[664],{"from":654,"to":658,"sanitized":547},{"entryPoint":666,"graph":667,"unsanitizedCount":702,"severity":41},"\u003Cwfu_file_downloader> (wfu_file_downloader.php:0)",{"nodes":668,"edges":696},[669,671,672,674,679,681,686,689,693],{"id":654,"type":655,"label":670,"file":644,"line":149},"$_GET (x2)",{"id":658,"type":659,"label":660,"file":644,"line":661,"wp_function":662},{"id":673,"type":655,"label":656,"file":644,"line":149},"n2",{"id":675,"type":659,"label":676,"file":644,"line":677,"wp_function":678},"n3","header() [Header Injection]",128,"header",{"id":680,"type":655,"label":656,"file":644,"line":149},"n4",{"id":682,"type":659,"label":683,"file":644,"line":684,"wp_function":685},"n5","fopen() [File Access]",396,"fopen",{"id":687,"type":655,"label":656,"file":644,"line":688},"n6",124,{"id":690,"type":691,"label":692,"file":644,"line":688},"n7","transform","→ wfu_fopen_for_downloader()",{"id":694,"type":659,"label":660,"file":644,"line":695,"wp_function":662},"n8",409,[697,698,699,700,701],{"from":654,"to":658,"sanitized":547},{"from":673,"to":675,"sanitized":547},{"from":680,"to":682,"sanitized":547},{"from":687,"to":690,"sanitized":547},{"from":690,"to":694,"sanitized":547},5,{"summary":704,"deductions":705},"The wp-file-upload plugin v5.1.7 exhibits a concerning security posture primarily due to a very large attack surface with a significant number of unprotected AJAX handlers. While the code analysis shows good practices in SQL query handling and output escaping, the sheer volume of entry points lacking proper authorization checks presents a substantial risk.  The taint analysis revealed flows with unsanitized paths, indicating a potential for path traversal vulnerabilities, although no critical or high severity issues were identified in this specific analysis.\n\nThe plugin's historical vulnerability data is alarming. A total of 27 known CVEs, with a notable number of critical and high severity issues, points to a recurring pattern of serious security flaws. The common vulnerability types listed (CSRF, Code Injection, Missing Authorization, Path Traversal, XSS, Unrestricted Upload) are all severe and can lead to complete site compromise. The fact that the last vulnerability was reported very recently (2025-02-24) and there are currently no unpatched vulnerabilities is a positive sign, suggesting active patching by developers, but the sheer volume and severity of past issues cannot be overlooked.\n\nIn conclusion, the plugin demonstrates strengths in its handling of SQL queries and output sanitization. However, the massive, unprotected AJAX endpoint attack surface and the extensive, severe historical vulnerability record are critical weaknesses. Users should be highly cautious and ensure they are on the absolute latest version, coupled with a robust WordPress security strategy that includes regular scanning and monitoring for new vulnerabilities. The risk is elevated due to the plugin's historical patterns of severe security flaws.",[706,708,710,713,715,717,719,721,723],{"reason":707,"points":463},"Large attack surface with unprotected AJAX handlers",{"reason":709,"points":139},"Taint analysis found flows with unsanitized paths",{"reason":711,"points":712},"Large number of past critical severity CVEs",15,{"reason":714,"points":139},"Large number of past high severity CVEs",{"reason":716,"points":712},"Vulnerability history includes Code Injection",{"reason":718,"points":712},"Vulnerability history includes Path Traversal",{"reason":720,"points":712},"Vulnerability history includes Unrestricted Upload",{"reason":722,"points":712},"Vulnerability history includes Missing Authorization",{"reason":724,"points":463},"Recent vulnerability reported (2025-02-24)","2026-03-16T17:41:52.089Z",{"wat":727,"direct":770},{"assetPaths":728,"generatorPatterns":748,"scriptPaths":749,"versionParams":750},[729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747],"\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_frontend.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_admin.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_editor_plugin.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_materialize.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_bootstrap.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_bootstrap_theme.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_dark_theme.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_light_theme.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fcss\u002Fwfu_premium_theme.css","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_frontend.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_admin.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_editor_plugin.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_materialize.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_bootstrap.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_bootstrap_theme.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_dark_theme.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_light_theme.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Fwfu_premium_theme.js","\u002Fwp-content\u002Fplugins\u002Fwp-file-upload\u002Fjs\u002Ftinymce\u002Ftinymce.min.js",[],[738,739,740,741,742,743,744,745,746,747],[751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768,769],"wp-file-upload\u002Fcss\u002Fwfu_frontend.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_admin.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_editor_plugin.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_materialize.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_bootstrap.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_bootstrap_theme.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_dark_theme.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_light_theme.css?ver=","wp-file-upload\u002Fcss\u002Fwfu_premium_theme.css?ver=","wp-file-upload\u002Fjs\u002Fwfu_frontend.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_admin.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_editor_plugin.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_materialize.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_bootstrap.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_bootstrap_theme.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_dark_theme.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_light_theme.js?ver=","wp-file-upload\u002Fjs\u002Fwfu_premium_theme.js?ver=","wp-file-upload\u002Fjs\u002Ftinymce\u002Ftinymce.min.js?ver=",{"cssClasses":771,"htmlComments":788,"htmlAttributes":791,"restEndpoints":801,"jsGlobals":804,"shortcodeOutput":809},[772,773,774,775,776,777,778,779,780,781,782,783,784,785,786,787],"wfu_container","wfu_backend_container","wfu_frontend_container","wfu_button","wfu_upload_button","wfu_progress_bar","wfu_file_list","wfu_file_item","wfu_file_name","wfu_file_size","wfu_file_type","wfu_file_status","wfu_file_remove","wfu_drag_and_drop_area","wfu_drop_zone_text","wfu_upload_form",[789,790],"\u003C!-- Wordpress File Upload Plugin -->","\u003C!-- Iptanus File Upload (Wordpress Plugin) -->",[792,793,794,795,796,797,798,799,800],"data-wfu-id","data-wfu-uploadurl","data-wfu-maxfilesize","data-wfu-allowedtypes","data-wfu-buttontext","data-wfu-droptext","data-wfu-queued","data-wfu-uploaded","data-wfu-error",[802,803],"\u002Fwp-json\u002Fwpfileuploader\u002Fv1\u002Fupload","\u002Fwp-json\u002Fwpfileuploader\u002Fv1\u002Fget_file_list",[805,806,807,808],"WFU_Frontend","WFU_Admin","wfu_params","wfu_ajax_object",[810],"[wordpress_file_upload]"]