Lucene search
K

6 matches found

OSV
OSV
added 2022/07/25 1:15 p.m.3 views

CVE-2022-2299

The Allow SVG Files WordPress plugin through 1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS5.8AI score0.00512EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/25 1:15 p.m.3 views

CVE-2022-2299

The Allow SVG Files WordPress plugin through 1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS5.9AI score0.00512EPSS
Exploits1References2
CVE
CVE
added 2022/07/25 12:48 p.m.63 views

CVE-2022-2299

The CVE-2022-2299 entry concerns the WordPress plugin Allow SVG Files (

5.4CVSS5.3AI score0.00512EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/07/25 12:0 a.m.2 views

WordPress plugin Allow SVG Files 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

5.4CVSS5.4AI score0.00512EPSS
Exploits1References2
Patchstack
Patchstack
added 2022/07/04 12:0 a.m.39 views

WordPress Allow SVG Files plugin <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Luan Pedersini in WordPress Allow SVG Files plugin versions = 1.1. Solution Deactivate and delete. This plugin has been closed as of July 1, 2022 and is not available for download. This closure is temporary, pending a full...

5.4CVSS2.4AI score0.00512EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2022/06/20 11:15 a.m.23 views

CVE-2022-1939

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to...

7.2CVSS0.01436EPSS
Exploits1References1
Rows per page
Query Builder