GCVE - cpe:2.3:a:ablyperu:svg_uploads_support:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ablyperu:svg_uploads_support:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Ablyperu (`cd1aade7-157b-5be9-84e5-c81dcc3d74e3`)
Product	Svg Uploads Support (`877a2160-eb3b-5195-979b-4bcd4cfdd00f`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/common-repository/svg-uploads-support`	purl2cpe	2026-06-01 10:16:04.396526

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-7086`	vulnerable	2026-06-03 14:53:59.930470	SVG Uploads Support <= 2.1.1 - Author+ Stored XSS via SVG The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. Published: 2025-05-15T20:09:21.852Z Updated: 2025-05-17T02:49:29.724Z Open on db.gcve.eu Reference links https://wpscan.com/vulnerability/94954e1a-dc09-4811-b57d-b12bf69a767d/	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.