exploitDog

GHSA-m87q-2m67-hxxh

Опубликовано: 15 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript.

The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript.

Ссылки

EPSS

Процентиль: 89%

0.04479

Низкий

9.1 Critical

CVSS3

CVE ID

Связанные уязвимости

CVE-2024-8673

CVSS3: 9.1

nvd

9 месяцев назад

The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript.

EPSS

Процентиль: 89%

0.04479

Низкий

9.1 Critical

CVSS3

CVE ID