WordPress plugin Allow SVG 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress GF Custom Style plugin <= 2.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin GF Custom Style versions = 2.0...

PT-2024-21998 · Unknown · Huly Platform

Name of the Vulnerable Software and Affected Versions: Huly Platform version 0.6.202 Description: The issue allows attackers to execute arbitrary code via the upload of a crafted SVG file to issues, which is a result of a Cross Site Scripting vulnerability. Recommendations: For Huly Platform...

Huly Platform Security Vulnerability

Huly Platform is an open source all-in-one project management platform. A security vulnerability exists in hcengineering Huly Platform version v.0.6.202. An attacker can exploit the vulnerability by uploading a specially crafted SVG file to run arbitrary code...

MonicaHQ Security Breach

MonicaHQ is a relationship management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version 4.0.0. An attacker can exploit this vulnerability to upload SVG documents that contain cross-site scripting vulnerabilities...

FlatPress 跨站脚本漏洞

FlatPress is a Php-based blog builder with no database support from the FlatPress community. A cross-site scripting vulnerability exists in FlatPress v1.2.1, which stems from the discovery of a cross-site scripting XSS vulnerability in the Upload SVG File function...