← Back

Uploading Svg, Webp And Ico Files Project

uploading_svg,_webp_and_ico_files_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Uploading Svg, Webp And Ico Files
uploading_svg,_webp_and_ico_files
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-4460
1Uploading Svg, Webp And Ico Files Project
1Uploading Svg, Webp And Ico Files
Jun 17, 2026
Dec 4, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.
CVE-2022-36285
1Uploading Svg, Webp And Ico Files Project
1Uploading Svg, Webp And Ico Files
Jun 17, 2026
Aug 23, 2022
N/A· v4
7.2 HIGH· v3
N/A· v2
Authenticated Arbitrary File Upload vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress.
CVE-2022-34648
1Uploading Svg, Webp And Ico Files Project
1Uploading Svg, Webp And Ico Files
Jun 17, 2026
Aug 23, 2022
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress.