Lucene search
China National Vulnerability DatabaseCNVD-2022-88254HistorySep 28, 2022 - 12:00 a.m.
WordPress SVG Support Cross-Site Scripting Vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
wordpress
svg support
cross-site scripting
0.001 Low
EPSS
Percentile
24.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. cross-site scripting vulnerability exists in versions of WordPress SVG Support prior to 2.5. The vulnerability stems from the inability to properly handle SVGs added via URLs, and can be exploited by attackers to launch cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress svg support | lt | 2.5 |
Related
openvas
openvas
WordPress SVG Support Plugin < 2.5 XSS Vulnerability
2022-10-11 00:00:00
cvelist
cvelist
CVE-2022-1755 SVG Support < 2.5 - Author+ Stored Cross-Site Scripting
2022-09-26 12:35:31
prion
prion
Cross site scripting
2022-09-26 13:15:00
nvd
nvd
CVE-2022-1755
2022-09-26 13:15:10
cve
cve
CVE-2022-1755
2022-09-26 13:15:10
patchstack
patchstack