6 matches found
CVE-2022-1755
The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...
CVE-2022-1755
creationtimestamp| type| source ---|---|--- 2022-09-26 16:21:47+00:00| seen| https://t.me/cibsecurity/50467 2025-05-21 19:42:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17179...
CVE-2022-1755
The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...
CVE-2022-1755 SVG Support < 2.5 - Author+ Stored Cross-Site Scripting
The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...
CVE-2022-1755
The CVE-2022-1755 issue affects the WordPress SVG Support plugin prior to version 2.5. The vulnerability arises from improper handling of SVGs added via a URL, enabling Cross-Site Scripting (XSS). The CVSS data indicates a MEDIUM severity (5.4) with network attack vector, low attack complexity, a...
CVE-2022-1755 SVG Support < 2.5 - Author+ Stored Cross-Site Scripting
The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via an URL, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...