CVE-2025-63830 | CKFinder 1.4.3 SVG cross site scripting

November 14, 2025 Yanac

A vulnerability was found in CKFinder 1.4.3. It has been rated as problematic. This affects an unknown part of the component SVG Handler. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2025-63830. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2025-8994 | WP Project Manager Plugin up to 2.6.26 on WordPress completed_at_operator sql injection
CVE-2025-54560 | Desktop Alert PingAlert up to 6.1.1.2 server-side request forgery