6 matches found
CVE-2022-0863
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution...
WordPress SVG Icons Plugin Arbitrary File Upload (CVE-2022-0863)
An arbitrary file upload vulnerability exists in WordPress SVG Icons plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2022-0863
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution...
CVE-2022-0863
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution...
CVE-2022-0863 WP SVG Icons <= 3.2.3 - Admin+ Remote Code Execution (RCE)
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution...
CVE-2022-0863
The WP SVG Icons WordPress plugin (versions ≤ 3.2.3) is affected by an authenticated remote code execution vulnerability caused by improper validation of uploaded custom icon packs. An admin/high-privilege user can upload a ZIP containing malicious PHP code, leading to remote code execution. Publ...