Every CVE whose affected-product data names Ideastocode Enable Svg, Webp & Ico Upload, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-34154 — CVSS 7.2 (high): Authenticated (author or higher user role) Arbitrary File Upload vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1…
CVE-2023-2143 — CVSS 5.4 (medium): The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting…
CVE-2022-36343 — CVSS 3.4 (low): Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload…