Lucene search
China National Vulnerability DatabaseCNVD-2022-54356HistoryJun 30, 2022 - 12:00 a.m.
WordPress Easy SVG Support plugin跨站脚本漏洞
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
24.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions prior to WordPress Easy SVG Support plugin 3.3.0. The vulnerability stems from the plugin’s failure to clean or filter uploaded SVG files, which can be exploited by attackers to Uploading malicious SVG files leads to cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress easy svg support plugin | lt | 3.3.0 |
Related
wpvulndb
wpvulndb
Easy SVG Support < 3.3.0 - Author+ Stored Cross Site Scripting via SVG
2022-06-01 00:00:00
cve
cve
CVE-2022-1964
2022-06-27 09:15:10
cvelist
cvelist
patchstack
patchstack
prion
prion
Design/Logic Flaw
2022-06-27 09:15:00
nvd
nvd
CVE-2022-1964
2022-06-27 09:15:10
wpexploit
wpexploit
Easy SVG Support < 3.3.0 - Author+ Stored Cross Site Scripting via SVG
2022-06-01 00:00:00