Vulnerabilities > CVE-2022-1964 - Unspecified vulnerability in Easy SVG Support Project Easy SVG Support

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

easy-svg-support-project

NVD

Published: 2022-06-27

Updated: 2024-11-21

Summary

The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads

Vulnerable Configurations

Part	Description	Count
Application	Easy_Svg_Support_Project Easy SVG Support Project Easy SVG Support *	1

References

https://wpscan.com/vulnerability/52cf7e3c-2a0c-45c4-be27-be87424f1338
https://wpscan.com/vulnerability/52cf7e3c-2a0c-45c4-be27-be87424f1338