Vulnerability CVE-2023-2143


Published: 2023-07-17

Description:
The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://wpscan.com/vulnerability/91898762-aa7d-4fbc-a016-3de48901e5de

Copyright 2026, cxsecurity.com

 

Back to Top