GHSA-J77F-79W9-RGHC The wp-enable-svg WordPress plugin does not sanitize SVG files when uploaded

The wp-enable-svg WordPress plugin through 0.2 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts...

The wp-enable-svg WordPress plugin does not sanitize SVG files when uploaded

The wp-enable-svg WordPress plugin through 0.2 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts...

CVE-2022-1562

The Enable SVG WordPress plugin before 1.4.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

WordPress plugin Enable SVG 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Enable SVG plugin version 1.4.0 or earlier has a cross-site scripting vulnerability that...