Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3

Critical0

High1

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-3 of 3 records

Threat Entry Updated 2024-11-21

CVE-2023-4460 - Uploading Svg Webp And Ico Files Plugin

The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

PLUGIN Uploading Svg Webp And Ico Files

CVE-2023-4460

MEDIUM CVSS 5.4 2023-12-04

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-36285 - Uploading Svg Webp And Ico Files Plugin

Authenticated Arbitrary File Upload vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin

PLUGIN Uploading Svg Webp And Ico Files

CVE-2022-36285

HIGH CVSS 7.2 2022-08-23

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-34648 - Uploading Svg Webp And Ico Files Plugin

Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin

PLUGIN Uploading Svg Webp And Ico Files

CVE-2022-34648

MEDIUM CVSS 4.8 2022-08-23

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2023-4460 - Uploading Svg Webp And Ico Files Plugin

CVE-2022-36285 - Uploading Svg Webp And Ico Files Plugin

CVE-2022-34648 - Uploading Svg Webp And Ico Files Plugin

Company Links

Contact Us