| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12451 | Easy SVG Support <= 4.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | benjamin_zekavica | Easy SVG Support | Medium | 4.4 | 2026-02-19 03:25:14 | Deep Dive |
| CVE-2025-12045 | Orbit Fox Companion <= 3.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post Taxonomy | themeisle | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | Medium | 6.4 | 2025-11-04 11:19:28 | Deep Dive |
| CVE-2025-10874 | Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery | Unknown | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | 中危 | - | 2025-10-24 06:00:09 | Deep Dive |
| CVE-2023-7086 | SVG Uploads Support <= 2.1.1 - Author+ Stored XSS via SVG | Unknown | SVG Uploads Support | - | - | 2025-05-15 20:09:22 | Deep Dive |
| CVE-2023-7088 | Add SVG Support for Media Uploader | inventivo <= 1.0.5 - Author+ Stored XSS via SVG | Unknown | Add SVG Support for Media Uploader | inventivo | - | - | 2025-05-15 20:09:22 | Deep Dive |
| CVE-2025-2542 | Your Simple SVG Support <= 1.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | obbdpu | Your Simple SVG Support | Medium | 6.4 | 2025-03-25 09:22:02 | Deep Dive |
| CVE-2024-13768 | CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts <= 4.2 - Cross-Site Request Forgery to Font Assignment Deletion | ashikcse | CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts | Medium | 4.3 | 2025-03-22 06:41:13 | Deep Dive |
| CVE-2025-0807 | CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts <= 4.2 - Cross-Site Request Forgery to Settings Update | ashikcse | CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts | Medium | 4.3 | 2025-03-22 06:41:10 | Deep Dive |
| CVE-2024-10222 | SVG Support <= 2.5.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | benbodhi | SVG Support | Medium | 6.4 | 2025-02-21 13:41:29 | Deep Dive |
| CVE-2024-11091 | Support SVG – Upload svg files in wordpress without hassle <= 1.1.0 - Authenticated (Author+) Stored Cross-site Scripting via SVG File Upload | sayedulsayem | Support SVG – Upload svg files in wordpress without hassle | Medium | 6.4 | 2024-11-26 08:31:55 | Deep Dive |
| CVE-2024-10269 | Easy SVG Support <= 3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | benjamin_zekavica | Easy SVG Support | Medium | 6.4 | 2024-11-08 06:39:59 | Deep Dive |
| CVE-2023-6708 | SVG Support <= 2.5.7 - Authenticated (Author+) Cross-Site Scripting via SVG | benbodhi | SVG Support | Medium | 5.4 | 2024-07-18 02:38:34 | Deep Dive |
| CVE-2024-4272 | Support SVG < 1.1.0 - Stored XSS via SVG Upload | Unknown | Support SVG | - | - | 2024-07-13 06:00:06 | Deep Dive |
| CVE-2024-3633 | WebP & SVG Support <= 1.4.0 - Author+ Stored XSS via SVG | Unknown | WebP & SVG Support | - | - | 2024-06-26 06:00:02 | Deep Dive |
| CVE-2023-5458 | CITS Support svg, webp Media and TTF,OTF File Upload < 3.0 - Author+ Stored XSS via SVG | Unknown | CITS Support svg, webp Media and TTF,OTF File Upload | 中危 | - | 2023-10-31 13:54:42 | Deep Dive |
| CVE-2022-4022 | WordPress plugin SVG Support 跨站脚本漏洞 | benbodhi | SVG Support | Medium | 6.4 | 2022-11-16 13:23:45 | Deep Dive |
| CVE-2022-1755 | SVG Support < 2.5 - Author+ Stored Cross-Site Scripting | Unknown | SVG Support | 中危 | - | 2022-09-26 12:35:31 | Deep Dive |
| CVE-2022-1964 | Easy SVG Support < 3.3.0 - Author+ Stored Cross Site Scripting via SVG | Unknown | Easy SVG Support | 中危 | - | 2022-06-27 08:58:57 | Deep Dive |