Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.7 views

CVE-2022-2543

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts...

6.1CVSS6.9AI score0.00496EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/09/05 1:15 p.m.3 views

CVE-2022-2543

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts...

6.1CVSS6.5AI score0.00496EPSS
Exploits2References2
CVE
CVE
added 2022/09/05 12:35 p.m.88 views

CVE-2022-2543

The CVE-2022-2543 entry concerns the Visual Portfolio, Photo Gallery & Post Grid WordPress plugin prior to version 2.18.0. The issue is a lack of proper authorization checks in certain REST endpoints, enabling unauthenticated users to invoke endpoints and inject arbitrary CSS into saved layouts. ...

6.1CVSS6.3AI score0.00496EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/09/05 12:35 p.m.34 views

CVE-2022-2543 Visual Portfolio < 2.18.0 - Unauthenticated CSS Injection

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts...

6.5AI score0.00496EPSS
Exploits2References1
Rows per page
Query Builder