Every CVE whose affected-product data names 10up Safe Svg, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-18854 — CVSS 7.5 (high): A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion…
CVE-2019-18855 — CVSS 7.5 (high): A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted…
CVE-2022-1091 — CVSS 6.1 (medium): The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request to…
CVE-2024-8378 — CVSS 4.8 (medium): The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code is only running for paths that call wp_handle_upload, but not for…