CVE-2025-12451 | Easy SVG Support Plugin up to 4.0 on WordPress SVG File cross site scripting

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Easy SVG Support Plugin up to 4.0 on WordPress. Impacted is an unknown function of the component SVG File Handler. The manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-12451. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-12451 | Easy SVG Support Plugin up to 4.0 on WordPress SVG File cross site scripting

Post correlati

CVE-2024-50394 | QNAP Systems Helpdesk up to 3.3.2 certificate validation (qsa-25-05)

CVE-2024-23817 | Dolibarr = 18.0.4 cross site scripting (GHSA-7947-48q7-cp5m)

CVE-2024-7462 | TOTOLINK N350RT 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setWizardCfg ssid buffer overflow

CVE-2026-2623 | Blossom up to 1.17.1 File Upload BLOSManager.java put path traversal