Lucene search
+L

5 matches found

NVD
NVD
added 2025/02/04 6:15 a.m.16 views

CVE-2024-13115

The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS0.00173EPSS
Exploits1References1
Circl
Circl
added 2025/02/04 6:8 a.m.5 views

CVE-2024-13115

creationtimestamp| type| source ---|---|--- 2025-02-04 06:08:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113944121166063683 2025-02-04 06:13:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113944139633952082 2025-02-04 06:15:55+00:00| seen|...

6.1CVSS8.7AI score0.00173EPSS
Exploits1References5
CVE
CVE
added 2025/02/04 6:0 a.m.62 views

CVE-2024-13115

CVE-2024-13115 pertains to the WordPress plugin “WP Projects Portfolio with Client Testimonials”. Connected sources confirm the issue: the plugin is affected through version 3.0 and is described as lacking CSRF protection in certain areas, with missing sanitization and escaping, enabling a logged...

6.1CVSS6AI score0.00173EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/02/04 6:0 a.m.30 views

CVE-2024-13115 WP Projects Portfolio with Client Testimonials <= 3.0 - Stored XSS via CSRF

The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

0.00173EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/04 6:0 a.m.7 views

CVE-2024-13115 WP Projects Portfolio with Client Testimonials <= 3.0 - Stored XSS via CSRF

The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6AI score0.00173EPSS
Exploits1References1
Rows per page
Query Builder