📦 Droip

CVE-2024-43955 is an unauthenticated path traversal vulnerability in the Droip WordPress plugin that allows attackers to download or delete arbitrary files on affected systems. This affects all Droip ...

The Droip WordPress plugin allows authenticated attackers with Subscriber-level access or higher to upload arbitrary files due to missing file type validation. This vulnerability can lead to remote co...

This CVE describes an incorrect authorization vulnerability in the Themeum Droip WordPress plugin that allows users with lower privileges (like subscribers) to access functionality intended only for a...