📦 Sirv

The Sirv WordPress plugin (versions up to 7.2.6) allows authenticated attackers with Contributor-level access or higher to upload arbitrary files due to missing file type validation. This vulnerabilit...

This vulnerability in the Sirv WordPress plugin allows authenticated attackers with Contributor-level access or higher to delete arbitrary WordPress option values. This can be exploited to cause denia...

The Sirv WordPress plugin versions up to 7.2.9 have a stored XSS vulnerability in SVG file uploads. Authenticated attackers with Author privileges or higher can inject malicious scripts that execute w...

The Sirv WordPress plugin has a missing capability check vulnerability that allows authenticated users with Subscriber-level access or higher to modify plugin settings. Attackers can change the connec...