Kubiq
Products
2- 2 CVEs
- 2 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-5945 | Med | 0.35 | 6.4 | 0.00 | Jun 21, 2024 | The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 4.3 due to insufficient input sanitization. This makes it possible for authenticated attackers, with Author-level access and… | ||
| CVE-2021-24386 | Med | 0.35 | 5.4 | 0.01 | Jul 6, 2021 | The WP SVG images WordPress plugin before 3.4 did not sanitise the SVG files uploaded, which could allow low privilege users such as author+ to upload a malicious SVG and then perform XSS attacks by inducing another user to access the file directly. In v3.4, the plugin… | ||
| CVE-2025-67469 | Med | 0.28 | 4.3 | 0.00 | Dec 9, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through <= 1.4. | ||
| CVE-2024-8737 | 0.00 | — | 0.00 | Sep 13, 2024 | The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to inject… |
- risk 0.35cvss 6.4epss 0.00
The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 4.3 due to insufficient input sanitization. This makes it possible for authenticated attackers, with Author-level access and…
- risk 0.35cvss 5.4epss 0.01
The WP SVG images WordPress plugin before 3.4 did not sanitise the SVG files uploaded, which could allow low privilege users such as author+ to upload a malicious SVG and then perform XSS attacks by inducing another user to access the file directly. In v3.4, the plugin…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through <= 1.4.
- CVE-2024-8737Sep 13, 2024risk 0.00cvss —epss 0.00
The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to inject…