AVIF Uploader

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-9238	AVIF Uploader AVIF Uploader		0.00	—	0.00		May 15, 2025	The AVIF Uploader WordPress plugin before 1.1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

CVE-2024-9238May 15, 2025
AVIF Uploader
AVIF Uploader
risk 0.00cvss —epss 0.00
The AVIF Uploader WordPress plugin before 1.1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.