VYPR

Safe Svg

by WordPress

Source repositories

CVEs (3)

  • CVE-2019-18855HigNov 11, 2019
    risk 0.49cvss 7.5epss 0.03

    A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes.

  • CVE-2019-18854HigNov 11, 2019
    risk 0.49cvss 7.5epss 0.03

    A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '' substring.

  • CVE-2024-8378MedNov 7, 2024
    risk 0.31cvss 4.8epss 0.00

    The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code is only running for paths that call wp_handle_upload, but not for example for code that uses wp_handle_sideload which is often used to upload attachments via raw POST data.