CVE-2024-4272
CVE-2024-4272 affects the WordPress plugin Support SVG (versions before 1.1.0). The issue: SVG file contents are not sanitized, enabling users with at least the author role to upload SVGs that can execute malicious JavaScript, leading to Stored XSS. Connected sources corroborate the vulnerability...