WordPress Visual Portfolio Plugin <= 2.17.1 - Unauthenticated CSS Injection vulnerability

2022-08-1500:00:00

Krzysztof Zając

patchstack.com

0.001 Low

EPSS

Percentile

41.1%

Unauthenticated CSS Injection vulnerability discovered by Krzysztof Zając in Visual Portfolio plugin (versions <= 2.17.1)

Solution

           Update the WordPress Visual Portfolio, Photo Gallery & Post Grid plugin to the latest available version (at least 1.18.0).

CPENameOperatorVersion
visual portfolio, photo gallery & post gridle2.17.1

CPE	Name	Operator	Version
	visual portfolio, photo gallery & post grid	le	2.17.1

wpscan.com/vulnerability/5dc8b671-f2fa-47be-8664-9005c4fdbea8

0.001 Low

EPSS

Percentile

41.1%

Related for PATCHSTACK:AA624FF9B20D3C534462821CE02987F4