Lucene search
K

6 matches found

Patchstack
Patchstack
added 2024/03/19 12:0 a.m.10 views

WordPress Scalable Vector Graphics (SVG) Plugin <= 3.4 is vulnerable to Cross Site Scripting (XSS)

Software Scalable Vector Graphics SVG Type Plugin Vulnerable versions = 3.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7085 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 893df7114366 Credits Bob Matyas...

5.4CVSS5.7AI score0.00371EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2024/03/18 7:15 p.m.2 views

CVE-2023-7085

The Scalable Vector Graphics SVG WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS7.3AI score0.00371EPSS
Exploits2References1
NVD
NVD
added 2024/03/18 7:15 p.m.13 views

CVE-2023-7085

The Scalable Vector Graphics SVG WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.4CVSS5.8AI score0.00371EPSS
Exploits2References1
CVE
CVE
added 2024/03/18 7:5 p.m.72 views

CVE-2023-7085

CVE-2023-7085 affects the SVG WordPress plugin up to version 3.4, where uploaded SVG files are not sanitized, enabling stored XSS via SVGs submitted by users with Author+ privileges. Root cause: lack of sanitization in SVG upload handling. Impact per sources: XSS payloads could be processed in th...

5.4CVSS5.6AI score0.00371EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/03/18 7:5 p.m.22 views

CVE-2023-7085 Scalable Vector Graphics (SVG) <= 3.4 - Author+ Stored XSS via SVG

The Scalable Vector Graphics SVG WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

5.9AI score0.00371EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/03/18 7:5 p.m.13 views

CVE-2023-7085 Scalable Vector Graphics (SVG) <= 3.4 - Author+ Stored XSS via SVG

The Scalable Vector Graphics SVG WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

6.2AI score0.00371EPSS
Exploits2References1
Rows per page
Query Builder