WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions prior to WordPress Easy SVG Support plugin 3.3.0. The vulnerability stems from the plugin’s failure to clean or filter uploaded SVG files, which can be exploited by attackers to Uploading malicious SVG files leads to cross-site scripting attacks.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress easy svg support plugin | lt | 3.3.0 |