CVE-2023-7088 in Add SVG Support for Media Uploader Plugininfo

Zusammenfassung

von MITRE • 15.05.2025

The Add SVG Support for Media Uploader | inventivo WordPress plugin through 1.0.5 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

22.12.2023

Veröffentlichung

15.05.2025

Moderieren

akzeptiert

Eintrag

VDB-251989

CPE

bereit

EPSS

0.00243

KEV

nein

Aktivitäten

very low

Quellen

Want to stay up to date on a daily basis?

Enable the mail alert feature now!