WordPress Plugin Vulnerabilities

Add SVG Support for Media Uploader | inventivo <= 1.0.5 - Author+ Stored XSS via SVG

Description

The plugin does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

Proof of Concept

Affects Plugins

Plugin icon
add-svg-support-for-media-uploader-inventivo
No known fix

References

CVE
CVE-2023-7088

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
4.8 (medium)

Miscellaneous

Original Researcher
Bob Matyas
Submitter
Bob Matyas
Submitter website
https://www.bobmatyas.com
Submitter twitter
bobmatyas
Verified
Yes
WPVDB ID
8f515e36-9072-4fc4-9d2f-d50f1adde626

Timeline

Publicly Published
2024-01-23 (about 1 year ago)
Added
2024-01-23 (about 1 year ago)
Last Updated
2024-01-23 (about 1 year ago)

Other

Published
Title
Published
2020-03-02
Title
Testimonial < 2.1.7 - Authenticated Stored Cross-Site Scripting (XSS)
Published
2016-08-02
Title
Uji Countdown <= 2.0.6 - Cross-Site Scripting (XSS)
Published
2025-04-03
Title
Wptobe-signinup <= 1.1.2 - Reflected Cross-Site Scripting
Published
2015-06-25
Title
WordPress Landing Pages <= 1.8.7 - Unspecified Cross-Site Scripting (XSS)
Published
2024-12-11
Title
GeoFlickr < 1.4 - Reflected Cross-Site Scripting