CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Wp Svg Icons Project 1Wp Svg Icons Jun 17, 2026 Jun 13, 2022 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote...Show more |
1Wp Svg Icons Project 1Wp Svg Icons Jun 17, 2026 Aug 14, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP a...Show more |