Lucene search
+L

4 matches found

Circl
Circl
added 2025/04/02 9:34 a.m.9 views

CVE-2025-2513

creationtimestamp| type| source ---|---|--- 2025-04-02 09:34:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10043 2025-04-02 14:59:03+00:00| seen| https://t.me/cvedetector/21859...

6.4CVSS8.7AI score0.00299EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/02 9:21 a.m.3 views

CVE-2025-2513 Smart Icons For WordPress <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The Smart Icons For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access...

6.4CVSS5.9AI score0.00299EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/02 9:21 a.m.25 views

CVE-2025-2513 Smart Icons For WordPress <= 1.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The Smart Icons For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access...

6.4CVSS0.00299EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/04/01 10:7 p.m.5 views

WordPress Smart Icons For WordPress plugin <= 1.0.4 - Authenticated (Editor+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Editor+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Avraham Shemesh in WordPress Plugin Smart Icons For WordPress versions = 1.0.4...

6.4CVSS6.3AI score0.00299EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder