Lucene search
K

13 matches found

Patchstack
Patchstack
added 2025/11/05 1:37 a.m.5 views

WordPress Phlox Portfolio plugin <= 2.3.10 - Unauthenticated Local File Inclusion via args[extra_template_path] vulnerability

Unauthenticated Local File Inclusion via argsextratemplatepath vulnerability discovered by LionTree in WordPress Plugin Phlox Portfolio versions = 2.3.10...

8.1CVSS6.8AI score0.00606EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42216

Malicious code in bioql PyPI...

8.6CVSS9.1AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:24 a.m.7 views

CVE-2023-38399

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...

8.6CVSS6.8AI score0.006EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/29 1:15 a.m.7 views

WordPress Premium Portfolio Features for Phlox theme plugin <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin Phlox Portfolio versions = 2.3.4...

6.4CVSS5.7AI score0.00358EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/29 12:0 a.m.14 views

WordPress Phlox Portfolio Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1384 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9c1fb070fd76 Credits Lucio Sá Required privileg...

6.4CVSS5.8AI score0.00358EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/16 2:19 a.m.7 views

WordPress Premium Portfolio Features for Phlox theme plugin <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ' Grid Portfolios' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via ' Grid Portfolios' vulnerability discovered by wesley wcraft in WordPress Plugin Phlox Portfolio versions = 2.3.2...

6.4CVSS5.8AI score0.00377EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/16 12:0 a.m.17 views

WordPress Phlox Portfolio Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3587 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2481f1e17cc6 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00377EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/05/17 7:15 a.m.13 views

CVE-2023-38399

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...

8.6CVSS8.6AI score0.006EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 6:52 a.m.20 views

CVE-2023-38399 WordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...

8.6CVSS8.6AI score0.006EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 6:52 a.m.22 views

CVE-2023-38399 WordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...

8.6CVSS6.9AI score0.006EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.4 views

WordPress plugin Phlox Portfolio 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

8.6CVSS8.7AI score0.006EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.6 views

PT-2024-12725 · Unknown · Averta Phlox Portfolio

Name of the Vulnerable Software and Affected Versions: Averta Phlox Portfolio versions prior to 2.3.1 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows PHP Local File Inclusion. This means that an...

8.6CVSS9.4AI score0.006EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/11/15 12:0 a.m.10 views

WordPress Phlox Portfolio Plugin <= 2.3.1 is vulnerable to Local File Inclusion

Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2023-38399 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 2298d332cdc8 Credits Rafie Muhammad Patchstack Required...

8.6CVSS6.8AI score0.006EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder