CVE-2025-14120 | URL Image Importer Plugin up to 1.0.7 on WordPress SVG File Upload cross site scripting

Inserito da Angelo Barbosa | Gen 5, 2026 | CVE

A vulnerability identified as problematic has been detected in URL Image Importer Plugin up to 1.0.7 on WordPress. This impacts an unknown function of the component SVG File Upload Handler. Performing a manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2025-14120. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-14120 | URL Image Importer Plugin up to 1.0.7 on WordPress SVG File Upload cross site scripting

Post correlati

CVE-2024-0751 | Mozilla Firefox up to 115.6 Devtool Extension Privilege Escalation

CVE-2023-1973 | Red Hat Undertow FormAuthenticationMechanism memory allocation

CVE-2024-57879 | Linux Kernel up to 6.12.5 Bluetooth iso_listen_bis Privilege Escalation

CVE-2023-7279 | Secure Systems Engineering Connaisseur up to 3.3.0 Delegation Name targets_schema.json redos (ID 1407)