Vulnerability Details CVE-2024-11184
The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.5%
CVSS Severity
CVSS v3 Score 4.8
References
Products affected by CVE-2024-11184
-
cpe:2.3:a:wp_enable_svg_project:wp_enable_svg:*