Vulnerabilities > 10Up > Safe SVG > 1.7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-18 | CVE-2022-1091 | Cross-site Scripting vulnerability in 10Up Safe SVG The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request to upload a file. | 4.3 |
| 2019-11-11 | CVE-2019-18855 | Unspecified vulnerability in 10Up Safe SVG A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes. | 7.5 |
| 2019-11-11 | CVE-2019-18854 | Uncontrolled Recursion vulnerability in 10Up Safe SVG A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... | 7.5 |