Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-11-21

CVE-2022-2299 - Allow Svg Files Plugin

The Allow SVG Files WordPress plugin through 1.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads

PLUGIN Allow Svg Files

CVE-2022-2299

MEDIUM CVSS 5.4 2022-07-25

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-1939 - Allow Svg Files Plugin

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to

PLUGIN Allow Svg Files

CVE-2022-1939

HIGH CVSS 7.2 2022-06-20

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2022-2299 - Allow Svg Files Plugin

CVE-2022-1939 - Allow Svg Files Plugin

Company Links

Contact Us