← back
CVE-2019-18854

CVE-2019-18854

EPSS 2.6%
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/zeroday/FG-VD-19-113https://plugins.trac.wordpress.org/changeset/2185438https://wordpress.org/plugins/safe-svg/#developershttps://wpvulndb.com/vulnerabilities/9937