cleantalk
Vulnerabilities and Security Researches

Safe SVG, CVE-2019-18854

CVE, Research URL

CVE-2019-18854

Home page URL

Security reports for Safe SVG

Application

Safe SVG

Published on
Nov 11, 2019
Research Description
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
Affected versions
Min -, max 1.9.5.
Status
vulnerable
Previous vulnerability researches
Safe SVG (CVE-2024-8378) , Nov 08, 2024
Safe SVG , Feb 17, 2025
Safe SVG (CVE-2022-1091) , Jun 07, 2024
Safe SVG (CVE-2019-18854) , Jun 07, 2024
Safe SVG (CVE-2023-28426) , Jun 07, 2024
New vulnerability
Password Protected &#8211; Ultimate Plugin to Password Protect Your WordPress Content with Ease (CVE-2025-3453) , Apr 18, 2025
Site Search 360 (CVE-2025-39530) , Apr 17, 2025
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2025-39589) , Apr 17, 2025
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2025-39590) , Apr 17, 2025
Basic Interactive World Map (CVE-2025-39517) , Apr 17, 2025