CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-1964

The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://wpscan.com/vulnerability/52cf7e3c-2a0c-45c4-be27-be87424f1338
https://wpscan.com/vulnerability/52cf7e3c-2a0c-45c4-be27-be87424f1338

Products affected by CVE-2022-1964

Easy Svg Support Project » Easy Svg Support » Version: Any

cpe:2.3:a:easy_svg_support_project:easy_svg_support:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1964

Products

Pricing

Contact Us