13 matches found
WordPress Phlox Portfolio plugin <= 2.3.10 - Unauthenticated Local File Inclusion via args[extra_template_path] vulnerability
Unauthenticated Local File Inclusion via argsextratemplatepath vulnerability discovered by LionTree in WordPress Plugin Phlox Portfolio versions = 2.3.10...
EUVD-2023-42216
Malicious code in bioql PyPI...
CVE-2023-38399
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...
WordPress Premium Portfolio Features for Phlox theme plugin <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin Phlox Portfolio versions = 2.3.4...
WordPress Phlox Portfolio Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1384 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9c1fb070fd76 Credits Lucio Sá Required privileg...
WordPress Premium Portfolio Features for Phlox theme plugin <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ' Grid Portfolios' vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via ' Grid Portfolios' vulnerability discovered by wesley wcraft in WordPress Plugin Phlox Portfolio versions = 2.3.2...
WordPress Phlox Portfolio Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3587 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2481f1e17cc6 Credits wesley wcraft Required...
CVE-2023-38399
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...
CVE-2023-38399 WordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...
CVE-2023-38399 WordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...
WordPress plugin Phlox Portfolio 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
PT-2024-12725 · Unknown · Averta Phlox Portfolio
Name of the Vulnerable Software and Affected Versions: Averta Phlox Portfolio versions prior to 2.3.1 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows PHP Local File Inclusion. This means that an...
WordPress Phlox Portfolio Plugin <= 2.3.1 is vulnerable to Local File Inclusion
Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2023-38399 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 2298d332cdc8 Credits Rafie Muhammad Patchstack Required...