Security Advisory

CVE-2022-1939

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-20 10:26:20

Last updated 2024-08-03 00:24:42

Assigner WPScan

State PUBLISHED

Description

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to

← Browse all CVEs View on cve.org ↗