exploitDog

GHSA-8phc-fvf5-9cqv

Опубликовано: 21 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to

Ссылки

EPSS

Процентиль: 75%

0.00875

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2022-1939

CVSS3: 7.2

nvd

больше 3 лет назад

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to

EPSS

Процентиль: 75%

0.00875

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-434