Lucene search
K

5 matches found

OSV
OSV
added 2025/05/15 8:15 p.m.4 views

CVE-2023-7086

The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS5.8AI score0.00243EPSS
Exploits2References1
NVD
NVD
added 2025/05/15 8:15 p.m.6 views

CVE-2023-7086

The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS0.00243EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:9 p.m.30 views

CVE-2023-7086 SVG Uploads Support <= 2.1.1 - Author+ Stored XSS via SVG

The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

6.2AI score0.00243EPSS
Exploits2References1
CVE
CVE
added 2025/05/15 8:9 p.m.44 views

CVE-2023-7086

The CVE-2023-7086 entry corresponds to the SVG Uploads Support WordPress plugin, affected up to version 2.1.1. The root cause is failure to sanitize uploaded SVG files, enabling stored XSS via SVG content (reported as exploitable by authors and higher). Public details in the provided documents co...

5.4CVSS9.2AI score0.00243EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 8:9 p.m.10 views

CVE-2023-7086 SVG Uploads Support <= 2.1.1 - Author+ Stored XSS via SVG

The SVG Uploads Support WordPress plugin through 2.1.1 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

0.00243EPSS
Exploits2References1
Rows per page
Query Builder