Описание
The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) WordPress plugin before 2.5.0 does not sanitize SVG file contents when uploaded through the xmlrpc.php endpoint using base64 encode, leading to a Cross-Site Scripting vulnerability.
EPSS
Процентиль: 9%
0.00033
Низкий
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 4.3
github
11 дней назад
The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) WordPress plugin before 2.5.0 does not sanitize SVG file contents when uploaded through the xmlrpc.php endpoint using base64 encode, leading to a Cross-Site Scripting vulnerability.
EPSS
Процентиль: 9%
0.00033
Низкий
4.3 Medium
CVSS3