CVE-2022-1939

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to
References
Configurations

Configuration 1

cpe:2.3:a:allow_svg_files_project:allow_svg_files:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-06-20 11:15

Updated : 2022-06-28 06:30


NVD link : CVE-2022-1939

Mitre link : CVE-2022-1939

Products Affected
No products.
CWE