The Uploading SVG, WEBP and ICO... CVE-2023-4460

- AV AC AU C I A
发布: 2023-12-04
修订: 2024-10-01

The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息