cleantalk
Vulnerabilities and Security Researches

Safe SVG, CVE-2019-18854

CVE, Research URL

CVE-2019-18854

Home page URL

Security reports for Safe SVG

Application

Safe SVG

Published on
Nov 11, 2019
Research Description
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
Affected versions
Min -, max 1.9.5.
Status
vulnerable
Previous vulnerability researches
Safe SVG (CVE-2024-8378) , Nov 08, 2024
Safe SVG , Feb 17, 2025
Safe SVG (CVE-2022-1091) , Jun 07, 2024
Safe SVG (CVE-2019-18854) , Jun 07, 2024
Safe SVG (CVE-2023-28426) , Jun 07, 2024
New vulnerability
Dynamic Pricing With Discount Rules for WooCommerce (CVE-2025-47544) , May 09, 2025
Woobox (CVE-2025-47662) , May 09, 2025
Woobox (CVE-2025-47675) , May 09, 2025
Simple File List (CVE-2025-47450) , May 09, 2025
WP Gravity Forms Dynamics CRM (CVE-2025-47454) , May 09, 2025