Skip to main content

Wp Svg Icons

2 CVEs product

Monthly

CVE-2022-0863 HIGH POC THREAT This Week

The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE WordPress File Upload Wp Svg Icons
NVD WPScan
CVSS 3.1
7.2
EPSS
22.9%
CVE-2019-14216 HIGH POC PATCH This Week

An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP WordPress CSRF Wp Svg Icons
NVD
CVSS 3.0
8.8
EPSS
0.8%
EPSS 23% CVSS 7.2
HIGH POC THREAT This Week

The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE WordPress +2
NVD WPScan
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP WordPress CSRF +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy