Jump to content
Sign in to follow this  
SarangBhai

Are SVGs really a security concern?

Recommended Posts

SarangBhai

I love working with svg’s. Everything from custom svg font libraries to animations. Wordpress has never supported SVGs and my understanding is it’s because of security vulnerabilities. But SVGs have been around for a long time and they aren’t going anywhere. What is the danger in using them in a WP site?

 

Share this post


Link to post
Share on other sites
HenryBraxton
On 9/9/2019 at 1:57 PM, SarangBhai said:

I love working with svg’s. Everything from custom svg font libraries to animations. Wordpress has never supported SVGs and my understanding is it’s because of security vulnerabilities. But SVGs have been around for a long time and they aren’t going anywhere. What is the danger in using them in a WP site?whatsapp web 192.168.0.1 routerlogin

 

agreed!

Share this post


Link to post
Share on other sites
Mywifeixt

More of a concern for SVG files is that they can include JavaScript, which will operate in the security context of the hosting site, so you have cross-site-scripting to worry about. Actually all types of uploaded file are vulnerable to this, albeit not in such a direct, easy-to-exploit wayMywifiext

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×