Lucene search
K

5 matches found

NVD
NVD
added 2022/08/23 4:15 p.m.38 views

CVE-2022-34648

Authenticated author+ Stored Cross-Site Scripting XSS vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin = 1.0.1 at WordPress...

5.4CVSS0.00445EPSS
Exploits0References2
OSV
OSV
added 2022/08/23 4:15 p.m.3 views

CVE-2022-34648

Authenticated author+ Stored Cross-Site Scripting XSS vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin = 1.0.1 at WordPress...

5.4CVSS5.8AI score0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/23 3:45 p.m.30 views

CVE-2022-34648 WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated author+ Stored Cross-Site Scripting XSS vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin = 1.0.1 at WordPress...

4.8CVSS5.4AI score0.00445EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/08/23 3:45 p.m.11 views

CVE-2022-34648 WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated author+ Stored Cross-Site Scripting XSS vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin = 1.0.1 at WordPress...

4.8CVSS4.9AI score0.00445EPSS
Exploits0References2
CVE
CVE
added 2022/08/23 3:45 p.m.78 views

CVE-2022-34648

The CVE-2022-34648 entry affects the dmitrylitvinov Uploading SVG, WEBP and ICO files plugin for WordPress (versions ≤ 1.0.1). The root cause is an authenticated Stored XSS vulnerability introduced by allowing upload of SVG, WEBP, and ICO files; an author+ user can trigger stored scripts, leading...

5.4CVSS5AI score0.00445EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder