Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.6 views

CVE-2024-12527

The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfectportalintakeform' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2025/01/11 8:15 a.m.6 views

CVE-2024-12527

The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfectportalintakeform' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00325EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/11 7:21 a.m.4 views

CVE-2024-12527 Perfect Portal Widgets <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfectportalintakeform' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References3
CVE
CVE
added 2025/01/11 7:21 a.m.38 views

CVE-2024-12527

CVE-2024-12527 affects the Perfect Portal Widgets WordPress plugin. A stored XSS flaw exists in the perfect_portal_intake_form shortcode that can be triggered by authenticated users with contributor-level access and above, allowing arbitrary scripts to run when pages with the injected content are...

6.4CVSS5.7AI score0.00325EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/11 7:21 a.m.13 views

CVE-2024-12527 Perfect Portal Widgets <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfectportalintakeform' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00325EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.4 views

WordPress plugin Perfect Portal Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.4CVSS7.7AI score0.00325EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/10 9:50 p.m.4 views

WordPress Perfect Portal Widgets plugin <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Perfect Portal Widgets versions = 3.0.3...

6.4CVSS5.7AI score0.00325EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder