The Interactive Content WordPress plugin before 1.15.8...
Unreviewed
Published
Jun 27, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Jun 27, 2024
Published to the GitHub Advisory Database
Jun 27, 2024
The Interactive Content WordPress plugin before 1.15.8 does not validate uploads which could allow a Contributors and above to update malicious SVG files, leading to Stored Cross-Site Scripting issues
References