A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.Referenceshttps://wpvulndb.com/vulnerabilities/9937https://fortiguard.com/zeroday/FG-VD-19-113https://plugins.trac.wordpress.org/changeset/2185438https://wordpress.org/plugins/safe-svg/#developers
