5 matches found
CVE-2023-7086
The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7086
The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7086 SVG Uploads Support <= 2.1.1 - Author+ Stored XSS via SVG
The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7086
The CVE-2023-7086 entry corresponds to the SVG Uploads Support WordPress plugin, affected up to version 2.1.1. The root cause is failure to sanitize uploaded SVG files, enabling stored XSS via SVG content (reported as exploitable by authors and higher). Public details in the provided documents co...
CVE-2023-7086 SVG Uploads Support <= 2.1.1 - Author+ Stored XSS via SVG
The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...