WordPress Plugin Vulnerabilities

SVG Support < 2.5.8 - Author+ Cross-Site Scripting via SVG

Description

The plugin is vulnerable to Stored Cross-Site Scripting via the SVG upload feature due to insufficient input sanitization and output escaping, even when the 'Sanitize SVG while uploading' feature is enabled. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note that successful exploitation of this vulnerability requires the administrator to allow author-level users to upload SVG files.

Affects Plugins

Plugin icon
svg-support
Fixed in 2.5.8

References

CVE
CVE-2023-6708
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/72bcfd2a-6803-4073-8fa9-62bcf0a10571

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
4.0 (medium)

Miscellaneous

Original Researcher
Nathanial Lattimer (d0nut)
Verified
No
WPVDB ID
e168ed43-e6a6-4105-beb1-0c5265767d6d

Timeline

Publicly Published
2024-07-17 (about 1 year ago)
Added
2024-07-17 (about 1 year ago)
Last Updated
2024-08-23 (about 1 year ago)

Other

Published
Title
Published
2024-05-22
Title
iframe < 5.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode
Published
2025-01-15
Title
Verge3D < 4.8.1 - Reflected Cross-Site Scripting
Published
2025-06-26
Title
Content Manager Light <= 3.2 - Reflected Cross-Site Scripting
Published
2024-12-05
Title
Wot Elementor Widgets <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-04-05
Title
YourChannel < 1.2.6 - Admin+ Stored XSS