CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Authenticated (author or higher user role) Arbitrary File Upload vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress.

 Verified

 Not fixed

**7.2**

CVSS 3.1 score High severity

Monitoring Coming soon

Software

Enable SVG, WebP & ICO Upload

PSID 

9e1794b8627d

Classification 

Arbitrary File Upload

OWASP Top 10 

A1: Injection

Required privilege 

Requires author or higher role user authentication.

Publicly disclosed

2022-08-01

**Details**

Authenticated Arbitrary File Upload vulnerability discovered by Kim Jong Min aka Universe (Patchstack Alliance) in WordPress Enable SVG, WebP & ICO Upload plugin (versions <= 1.0.1).

**Solution**

No patched version available.

**References**

Headline

CVE-2022-34154: WordPress Enable SVG, WebP & ICO Upload plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerability - Patchstack

CVE: Latest News