3 matches found
CVE-2025-2544
The AI Content Pipelines plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
CVE-2025-2544
AI Content Pipelines (WordPress) shows a Stored Cross-Site Scripting vulnerability via SVG file uploads in versions ≤ 1.6, caused by insufficient input sanitization and output escaping. The issue can be triggered by an authenticated user with Author-level access and above, potentially affecting p...
WordPress AI Content Pipelines plugin <= 1.6 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability
Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Avraham Shemesh in WordPress Plugin AI Content Pipelines versions = 1.6...