CVE-2025-13069 | Enable SVG, WebP, and ICO Upload Plugin up to 1.1.2 on WordPress ICO File unrestricted upload

Inserito da Angelo Barbosa | Nov 18, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Enable SVG, WebP, and ICO Upload Plugin up to 1.1.2 on WordPress. This vulnerability affects unknown code of the component ICO File Handler. The manipulation leads to unrestricted upload.

This vulnerability is listed as CVE-2025-13069. The attack may be initiated remotely. There is no available exploit.

CVE-2025-13069 | Enable SVG, WebP, and ICO Upload Plugin up to 1.1.2 on WordPress ICO File unrestricted upload

Post correlati

CVE-2024-35311 | Yubico YubiKey/Security Key/YubiKey Bio/YubiKey FIPS access control

CVE-2024-46054 | OpenVidReview 1.0 /upload access control

CVE-2024-45823 | Rockwell Automation FactoryTalk Batch View 2.01.00 improper authentication

CVE-2024-13051 | Ashlar-Vellum Graphite 13_SE_13048 VC6 File Parser heap-based overflow (ZDI-24-1735)