Skip to main content
Affected Products
Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Vendor
Product
in 10up
Min CVSS
Any
Low (0.1+)
Medium (4.0+)
High (7.0+)
Critical (9.0+)
Sort By
Vendor (A–Z)
Most CVEs
Worst Severity
Most KEV
Apply
Clear
Export CSV
Products
1 vendor
Vendor
Products
CVEs
KEV
Avg EPSS
Worst Severity
10up
2
2
0
15.8%
HIGH
← First page
Next page →
Related CVEs
2
Sort
Newest first
Highest EPSS
Highest CVSS
Severity
CVE ID
Description
Severity
CVSS
KEV
EPSS
Published
CVE-2024-8378
The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code is only running for paths that call wp_handle_upload, but not for example for code that uses wp_handle_sideload which is often used to upload attachments via raw POST data.
MEDIUM
4.8
—
22.0%
Nov 7, 2024
CVE-2024-43116
Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects Simple Local Avatars: from n/a through 2.7.10.
HIGH
8.8
—
9.5%
Aug 26, 2024