CVE-2022-1964 Information

Description

The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads

Reference

https://wpscan.com/vulnerability/52cf7e3c-2a0c-45c4-be27-be87424f1338