CVE-2024-8378 | Safe SVG Plugin up to 2.2.5 on WordPress wp_handle_upload cross site scripting

Posted by Angelo Barbosa | Nov 7, 2024 | CVE

A vulnerability classified as problematic was found in Safe SVG Plugin up to 2.2.5 on WordPress. This vulnerability affects the function wp_handle_upload. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-8378. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8378 | Safe SVG Plugin up to 2.2.5 on WordPress wp_handle_upload cross site scripting

Related Posts

CVE-2024-9355 | golang-fips uninitialized resource

CVE-2024-22406 | Shopware up to 6.5.7.3 API sql injection (GHSA-qmp9-2xwj-m6m9)

CVE-2024-42059 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 FTP os command injection

CVE-2024-44949 | Linux Kernel up to 6.6.45/6.10.4 parisc arch_slab_minalign memory corruption (642a0b7453da/533de2f470ba/7ae04ba36b38)