cleantalk
Vulnerabilities and Security Researches

Enable SVG, WebP & ICO Upload  , CVE-2022-36343

CVE, Research URL

CVE-2022-36343

Home page URL

Security reports for Enable SVG, WebP & ICO Upload  

Application

Enable SVG, WebP & ICO Upload  

Published on
Aug 01, 2022
Research Description
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress.
Affected versions
max 1.0.3.
Status
vulnerable
Previous vulnerability researches
Enable SVG, WebP &amp; ICO Upload   (CVE-2022-36343) , Jun 07, 2024
Enable SVG, WebP &amp; ICO Upload   (CVE-2022-34154) , Jun 07, 2024
Enable SVG, WebP &amp; ICO Upload   (CVE-2023-2143) , Jun 07, 2024
Enable SVG, WebP &amp; ICO Upload   (CVE-2025-13069) , Dec 10, 2025
Enable SVG, WebP &amp; ICO Upload   (CVE-2025-12457) , Dec 10, 2025
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026