10up Safe Svg
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in 10up Safe Svg.
By the Year
In 2026 there have been 0 vulnerabilities in 10up Safe Svg. Safe Svg did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 6.10 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 0.00 |
It may take a day or so for new Safe Svg vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent 10up Safe Svg Security Vulnerabilities
Safe SVG WP Plugin <2.2.6 Bypasses Sanitisation
CVE-2024-8378
- November 07, 2024
The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code is only running for paths that call wp_handle_upload, but not for example for code that uses wp_handle_sideload which is often used to upload attachments via raw POST data.
The sanitisation step of the Safe SVG WordPress plugin before 1.9.10
CVE-2022-1091
6.1 - Medium
- April 18, 2022
The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request to upload a file. Exploiting this vulnerability, an attacker will be able to perform the kinds of attacks that this plugin should prevent (mainly XSS, but depending on further use of uploaded SVG files potentially other XML attacks).
XSS
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress
CVE-2019-18855
- November 11, 2019
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes.
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress
CVE-2019-18854
- November 11, 2019
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for 10up Safe Svg or by 10up? Click the Watch button to subscribe.
