WordPress Enable SVG, WebP & ICO Upload plugin” (versions<= 1.0.1) authenticated stored-address cross-site scripting (XSS) vulnerability

Details

Authenticated stored cross-site scripting (XSS) vulnerability due to malicious SVG file upload Enable SVG, WebP, and ICO upload plugins (version <= 1.0.1)

solution

No patched version available.

Sources.

CVE-2022-36343

脆弱性情報を受け取る