Vulnerabilities and Security Researches

Vulnerabilities and security researches forwebp-svg-support webp-svg-support

Direction: ascending

Jun 28, 2024

WebP & SVG Support # CVE-2024-3633

CVE, Research URL: CVE-2024-3633
Home page URL: Security reports for WebP & SVG Support
Application: WebP & SVG Support
Date: Jun 26, 2024
Research Description: The WebP & SVG Support WordPress plugin through 1.4.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.
Affected versions: Min -, max -.
Status: vulnerable