Количество 2
Количество 2
CVE-2024-4270
The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks.
GHSA-m4j9-whh9-8x9g
The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-4270 The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks. | CVSS3: 5.4 | 0% Низкий | больше 1 года назад |
| GHSA-m4j9-whh9-8x9g The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks. | CVSS3: 5.4 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу