CVE-2022-23059

A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions v2.0.2 through v2.17.0 via the “Manage Images� tab, which allows an attacker to upload a SVG file containing malicious JavaScript code.

Source: CVE-2022-23059