WP Dropzone — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in WP Dropzone, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-13989	WP Dropzone <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'callback' Shortcode Attribute CWE-79	6.4	Medium	2025-12-12
CVE-2025-12775	WP Dropzone <= 1.1.0 - Authenticated (Subscriber+) Arbitrary File Upload CWE-434	8.8	High	2025-11-18

All 2 known CVE vulnerabilities affecting WP Dropzone with full Chinese analysis, references, and POCs where available.