CRITICAL
WP Swings
CVE published 2026-05-20
CVE-2026-45444
CVE-2026-45444 is a critical unrestricted upload vulnerability in the WP Swings Gift Cards For WooCommerce Pro WordPress plugin, affecting versions through 4.2.6. Based on the published record, the issue is rated CVSS 3.1 10.0 and can be triggered remotely without user interaction. Because dangerous file types may be accepted, affected sites should treat this as a high-risk path to malicious file placemen [truncated]