21 matches found
EUVD-2023-52799
Malicious code in bioql PyPI...
CVE-2023-48766
Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily. This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4...
CVE-2024-4271
The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables users with at least the author role to upload SVG with malicious JavaScript to conduct Stored XSS attacks...
CVE-2024-4271
The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables users with at least the author role to upload SVG with malicious JavaScript to conduct Stored XSS attacks...
CVE-2024-4271
CVE-2024-4271 affects the SVGator WordPress plugin (
CVE-2024-4271 SVGator <= 1.2.6 - Stored XSS via SVG Upload
The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables users with at least the author role to upload SVG with malicious JavaScript to conduct Stored XSS attacks...
CVE-2024-4271 SVGator <= 1.2.6 - Stored XSS via SVG Upload
The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables users with at least the author role to upload SVG with malicious JavaScript to conduct Stored XSS attacks...
WordPress plugin SVGator security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
WordPress SVGator plugin < 1.3.3 - Authenticated Stored XSS via SVG Upload vulnerability
WordPress SVGator plugin 1.3.3 - Authenticated Stored XSS via SVG Upload vulnerability discovered by Rayhan Ramdhany Hanaputra in WordPress Plugin SVGator – Add Animated SVG Easily versions 1.3.3...
SVGator <= 1.2.6 - Stored XSS via SVG Upload
Description: The plugin does not sanitize SVG file contents, which enables users with at least the author role to upload SVG with malicious JavaScript to conduct Stored XSS attacks. PoC: 1. Create an SVG file with the malicious payload within it; Example SVG file:...
SVGator <= 1.2.6 - Stored XSS via SVG Upload
Description: The plugin does not sanitize SVG file contents, which enables users with at least the author role to upload SVG with malicious JavaScript to conduct Stored XSS attacks. 1. Create an SVG file with the malicious payload within it; Example SVG file:...
WordPress SVGator – Add Animated SVG Easily Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)
Software: SVGator – Add Animated SVG Easily; Type: Plugin; Vulnerable versions: = 1.2.6; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-4271; Patch priority: Low; CVSS severity: Low 6.5; Developer: SVGator; PSID: 4d3427c7b584; Credits: Rayhan Ramdhany...
CVE-2023-48766
Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily. This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4...
CVE-2023-48766
Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily. This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily. This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4...
CVE-2023-48766
CVE-2023-48766 affects the WordPress plugin SVGator – Add Animated SVG Easily (versions
CVE-2023-48766 WordPress SVGator – Add Animated SVG Easily Plugin <= 1.2.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily. This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4...
WordPress Plugin SVGator Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2023-30947 · Svgator · Svgator
Name of the Vulnerable Software and Affected Versions: SVGator – Add Animated SVG Easily versions 1.2.4 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue has been identified. This type of issue allows an attacker to trick a user into performing unintended actions on a web applicati...
SVGator – Add Animated SVG Easily < 1.2.5 - API Token Update/Deletion & Import Projects via CSRF
Description: The plugin does not have CSRF checks when updating and deleting the API token or when importing projects, which could allow attackers to make logged-in admins perform such actions via CSRF attacks...