MidnightBSD

Advisories for boldblocks

CVE-2024-4269

The SVG Block WordPress plugin before 1.1.20 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks.

Products Affected

Vendor Product Version
boldblocks svg_block *