iF.SVNAdmin is a web-based GUI for managing Subversion repositories and user/group permissions, with LDAP support. The management interface is vulnerable to CSRF in its user creation function, which allows arbitrary SVN repository users to be created and subsequently gives access to the underlying repository code.
Proof of Concept example:
Plugin Homepage: https://wordpress.org/plugins/svg-vector-icon-plugin/
WP SVG Icons allows admins to upload “Custom Icon” sets within the plugin. However, the upload is not protected against CSRF, and this leads to an Arbitrary File Upload vulnerability: the uploaded .zip package gets no content checks, so a PoC or shell can be put into the zip and will be unzipped into the /wp-content/uploads/wp-svg-icons/custom-pack directory.
The following PoC is the CSRF with a zip file containing “test.php”, which invokes phpinfo(). If successful, RCE will be confirmed here: /wp-content/uploads/wp-svg-icons/custom-pack/test.php
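
The two missing controls described above (no CSRF protection on the upload, no content checks on the zip) can be sketched as follows. This is an added example, not the plugin's own code or its actual fix; the `wpsvg_*` function names, the nonce action and field names, the `manage_options` capability and the extension allowlist are assumptions chosen for illustration.

```php
<?php
// Added example, not the plugin's code: wpsvg_* names, nonce strings and allowlist are assumptions.
const WPSVG_ALLOWED_EXT = ['svg', 'eot', 'ttf', 'woff', 'css', 'json'];

// Returns the reasons to reject the archive; an empty array means it may be extracted.
function wpsvg_validate_pack(string $zipPath): array {
    $zip = new ZipArchive();
    if ($zip->open($zipPath) !== true) {
        return ['not a readable zip archive'];
    }
    $problems = [];
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = (string) $zip->getNameIndex($i);
        if ($name === '' || substr($name, -1) === '/') {
            continue; // directory entry
        }
        // Absolute paths or ".." segments would extract outside custom-pack/.
        $parts = preg_split('#[\\\\/]#', $name);
        if ($parts[0] === '' || in_array('..', $parts, true)) {
            $problems[] = "path escapes target directory: $name";
        } elseif (!in_array(strtolower(pathinfo($name, PATHINFO_EXTENSION)), WPSVG_ALLOWED_EXT, true)) {
            $problems[] = "disallowed file type: $name";
        }
    }
    $zip->close();
    return $problems;
}

// Upload handler (WordPress context): authorise, verify the nonce, then inspect.
function wpsvg_handle_upload(array $file): array {
    if (!current_user_can('manage_options')) {
        return ['insufficient privileges'];
    }
    // check_admin_referer() dies unless the request carries a valid nonce, which a forged cross-site form cannot supply.
    check_admin_referer('wpsvg_upload_pack', 'wpsvg_nonce');
    return wpsvg_validate_pack($file['tmp_name']);
}

// Constructed sample archive; this part runs only from the CLI, outside WordPress.
if (PHP_SAPI === 'cli' && !function_exists('add_action')) {
    $tmp = tempnam(sys_get_temp_dir(), 'pack');
    $zip = new ZipArchive();
    $zip->open($tmp, ZipArchive::OVERWRITE);
    $zip->addFromString('fonts/icons.svg', '<svg xmlns="http://www.w3.org/2000/svg"/>');
    $zip->addFromString('test.php', 'placeholder');
    $zip->close();
    print_r(wpsvg_validate_pack($tmp));
    unlink($tmp);
}
```

The archive is inspected before anything is extracted, because the plugin unzips into a directory served by the web server. Disabling PHP execution under wp-content/uploads is a common additional safeguard.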