CVE-2025-6440 | WooCommerce Designer Pro Plugin up to 1.9.26 on WordPress wcdp_save_canvas_design_ajax unrestricted upload

A vulnerability, which was classified as critical, was found in WooCommerce Designer Pro Plugin up to 1.9.26 on WordPress. Impacted is the function wcdp_save_canvas_design_ajax. The manipulation results in unrestricted upload.

This vulnerability is known as CVE-2025-6440. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More