Lucene search

K

Safe SVG Security Vulnerabilities

cve
cve

CVE-2022-1091

The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request to upload a file. Exploiting this vulnerability, an attacker will be able to perform the kinds of attacks that this plugin should prevent (mainly XSS, but depending....

6.1CVSS

6AI Score

0.001EPSS

2022-04-18 06:15 PM
72
cve
cve

CVE-2019-18855

A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or...

7.5CVSS

7.4AI Score

0.002EPSS

2019-11-11 03:15 PM
53
cve
cve

CVE-2019-18854

A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a ''...

7.5CVSS

7.4AI Score

0.002EPSS

2019-11-11 03:15 PM
57