cve/CVE-2023-7085.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 4edef1e4c8 Update CVE sources 2024-05-28 08:49

2024-05-28 08:49:17 +00:00

764 B

Raw Permalink Blame History

CVE-2023-7085

Description

The Scalable Vector Graphics (SVG) WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

POC

Reference

https://wpscan.com/vulnerability/a2ec1308-75a0-49d0-9288-33c6d9ee4328/

Github

https://github.com/NaInSec/CVE-LIST

764 B Raw Permalink Blame History

CVE-2023-7085

Description

POC

Reference

Github

764 B

Raw Permalink Blame History