Lucene search
K

4 matches found

Patchstack
Patchstack
added 2022/06/01 12:0 a.m.33 views

WordPress Easy SVG Support plugin <= 3.2.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability via SVG

Authenticated Stored Cross-Site Scripting XSS vulnerability via SVG discovered by Luan Pedersini in WordPress Easy SVG Support plugin versions = 3.2.0. Solution Update the WordPress Easy SVG Support plugin to the latest available version at least 3.3.0...

5.4CVSS2.9AI score0.00558EPSS
Exploits2References2Affected Software1
Patchstack
Patchstack
added 2022/05/30 12:0 a.m.25 views

WordPress Allow svg files plugin <= 1.0 - Authenticated Arbitrary File Upload vulnerability

Authenticated Arbitrary File Upload vulnerability discovered by Luan Pedersini in WordPress Allow svg files plugin versions = 1.0. Solution Update the WordPress Allow svg files plugin to the latest available version at least 1.1...

7.2CVSS3.4AI score0.01436EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2022/05/03 12:0 a.m.21 views

WordPress Enable SVG plugin <= 1.3.1 - Stored Cross-Site Scripting (XSS) vulnerability via SVG

Stored Cross-Site Scripting XSS vulnerability via SVG discovered by Luan Pedersini in WordPress Enable SVG plugin versions = 1.3.1. Solution Update the WordPress Enable SVG plugin to the latest available version at least 1.4.0...

5.4CVSS2.8AI score0.00571EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2022/04/19 12:0 a.m.36 views

WordPress External Media without Import plugin <= 1.1.2 - Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability discovered by Luan Pedersini in WordPress External Media without Import plugin versions = 1.1.2. Solution Deactivate and delete. This plugin has been closed as of March 28, 2022 and is not available for download. This closure is temporary, pending a...

6.5CVSS3.8AI score0.02941EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder