VYPR

Easy SVG Allow

by WordPress

CVEs (1)

  • CVE-2023-7089MedJan 29, 2024
    risk 0.35cvss 5.4epss 0.00

    The Easy SVG Allow WordPress plugin through 1.0 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.