CVE-2023-7085 – Scalable Vector Graphics (SVG) <= 3.4 - Author+ Stored XSS via SVG

https://notcve.org/view.php?id=CVE-2023-7085

The Scalable Vector Graphics (SVG) WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. El complemento Scalable Vector Graphics (SVG) de WordPress hasta la versión 3.4 no sanitiza los archivos SVG cargados, lo que podría permitir a los usuarios con un rol tan bajo como Autor cargar un SVG malicioso que contenga payloads XSS. The Scalable Vector Graphics (SVG) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVGs in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/a2ec1308-75a0-49d0-9288-33c6d9ee4328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •