The Enable SVG, WebP & ICO Upload WordPress plugin up to and including 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ideastocode enable svg\\, webp \\& ico upload |