CVE-2023-7088 in Add SVG Support for Media Uploader Pluginالمعلومات

الملخص

بحسب MITRE • 15/05/2025

The Add SVG Support for Media Uploader | inventivo WordPress plugin through 1.0.5 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

22/12/2023

إفشاء

15/05/2025

الاعتدال

تمت الموافقة

إدخال

VDB-251989

EPSS

0.00243

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Do you know our Splunk app?

Download it now for free!