4 matches found
CVE-2025-2513
creationtimestamp| type| source ---|---|--- 2025-04-02 09:34:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10043 2025-04-02 14:59:03+00:00| seen| https://t.me/cvedetector/21859...
CVE-2025-2513 Smart Icons For WordPress <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Smart Icons For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access...
CVE-2025-2513 Smart Icons For WordPress <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Smart Icons For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access...
WordPress Smart Icons For WordPress plugin <= 1.0.4 - Authenticated (Editor+) Stored Cross-Site Scripting via SVG File Upload vulnerability
Authenticated Editor+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Avraham Shemesh in WordPress Plugin Smart Icons For WordPress versions = 1.0.4...