High severity7.2NVD Advisory· Published Jun 13, 2022· Updated Jun 17, 2026
CVE-2022-0863
CVE-2022-0863
Description
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=3.2.3+ 1 more
- (no CPE)range: <=3.2.3
- (no CPE)range: <=3.2.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/a30212a0-c910-4657-aee1-4a2d72c77983nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.