49 matches found

RedhatCVE
added 2026/01/28 9:17 a.m. · 4 views

CVE-2026-24807

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...

CVSS 5.3 · AI score 5.9 · EPSS 0.00015
Exploits: 0 · References: 1

OSV
added 2026/01/27 9:15 a.m. · 2 views

CVE-2026-24806

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...

CVSS 5.3 · AI score 5.9
Exploits: 0 · References: 1

ATTACKERKB
added 2026/01/27 8:43 a.m. · 4 views

CVE-2026-24807

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...

CVSS 5.3 · AI score 5.9 · EPSS 0.00015
Exploits: 0 · References: 2

Cvelist
added 2026/01/27 8:42 a.m. · 25 views

CVE-2026-24806 Buffer Write Security Vulnerability in liuyueyi/quick-media

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...

CVSS 5.3 · EPSS 0.00092
Exploits: 0 · References: 1

EUVD
added 2026/01/27 8:42 a.m. · 2 views

EUVD-2026-4758

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...

CVSS 5.3 · AI score 5.9 · EPSS 0.00092
Exploits: 0 · References: 1

RedhatCVE
added 2026/01/09 10:18 a.m. · 6 views

CVE-2019-18854

A Denial Of Service vulnerability exists in the safe-svg aka Safe SVG plugin through 1.9.4 for WordPress, related to unlimited recursion for a '' substring...

CVSS 7.5 · AI score 6.8 · EPSS 0.00629
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2019-8551

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00629
Exploits: 0 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-8552

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00629
Exploits: 0 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-1635

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.3 · EPSS 0.00468
Exploits: 2 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2024-49700

Malicious code in bioql PyPI...

CVSS 6.4 · AI score 6.5 · EPSS 0.00157
Exploits: 0 · References: 2

OSSF Malicious Packages
added 2025/06/18 10:3 a.m. · 3 views

Malicious code in react-svg-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2a1717363aad3bb129687fc2526ded4d96a8d7e578862b6d400cf5864e1985 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1

OSV
added 2025/06/18 10:3 a.m. · 0 views

MAL-2025-5167 Malicious code in react-svg-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2a1717363aad3bb129687fc2526ded4d96a8d7e578862b6d400cf5864e1985 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 8:36 a.m. · 4 views

CVE-2024-4272

The Support SVG WordPress plugin before 1.1.0 does not sanitize SVG file contents, which enables users with at least the author role to upload an SVG with malicious JavaScript to conduct Stored XSS attacks...

CVSS 6.1 · AI score 5.7 · EPSS 0.00256
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 7:50 a.m. · 7 views

CVE-2024-11644

The WP-SVG WordPress plugin through 0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.9 · AI score 5.9 · EPSS 0.00123
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 8:10 a.m. · 5 views

CVE-2019-18855

A Denial Of Service vulnerability exists in the safe-svg aka Safe SVG plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes...

CVSS 7.5 · AI score 6.8 · EPSS 0.00629
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/17 9:4 p.m. · 6 views

CVE-2023-6541

The Allow SVG WordPress plugin before 1.2.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

CVSS 6.1 · AI score 5.9 · EPSS 0.00388
Exploits: 2 · References: 3

Vulnrichment
added 2025/05/15 8:9 p.m. · 7 views

CVE-2023-6541 Allow SVG < 1.2.0 - Author+ Stored XSS via SVG

The Allow SVG WordPress plugin before 1.2.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

AI score 6.1 · EPSS 0.00388
Exploits: 2 · References: 1

Positive Technologies
added 2025/05/15 12:0 a.m. · 2 views

PT-2025-21373 · WordPress · Allow Svg

Name of the Vulnerable Software and Affected Versions: Allow SVG WordPress plugin versions prior to 1.2.0 Description: The issue concerns the failure to sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

CVSS 6.1 · AI score 9.1 · EPSS 0.00388
Exploits: 2 · References: 4

OpenVAS
added 2025/02/05 12:0 a.m. · 6 views

WordPress Safe SVG Plugin < 2.2.6 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:safesvgproject:safesvg"; ifdescription...

CVSS 4.8 · AI score 7 · EPSS 0.00158
Exploits: 1 · References: 1

OpenVAS
added 2025/02/05 12:0 a.m. · 2 views

WordPress Safe SVG Plugin < 1.9.6 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:safesvgproject:safesvg"; ifdescription...

AI score 7.2
Exploits: 0 · References: 1