6 matches found
CVE-2023-7089
The Easy SVG Allow WordPress plugin through 1.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7089
The Easy SVG Allow WordPress plugin through 1.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7089 Easy SVG Allow <= 1.0 - Author+ Stored XSS via SVG
The Easy SVG Allow WordPress plugin through 1.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7089 Easy SVG Allow <= 1.0 - Author+ Stored XSS via SVG
The Easy SVG Allow WordPress plugin through 1.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2023-7089
CVE-2023-7089 – Easy SVG Allow (WordPress)
WordPress Easy SVG Allow Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Easy SVG Allow Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7089 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 25d22827f930 Credits Bob Matyas Required privilege...