Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:57 a.m.10 views

CVE-2024-33537

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Horse WP Portfolio allows Stored XSS.This issue affects WP Portfolio: from n/a through 2.4...

6.5CVSS5.2AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/29 5:26 a.m.21 views

CVE-2024-33537 WordPress WP Portfolio theme <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Horse WP Portfolio allows Stored XSS.This issue affects WP Portfolio: from n/a through 2.4...

6.5CVSS6.6AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 5:26 a.m.56 views

CVE-2024-33537

The CVE-2024-33537 entry describes a Stored XSS in WP Portfolio (Theme Horse WP Portfolio) affecting WP Portfolio versions up to 2.4. Root cause is improper neutralization of input during web page generation. The CVSS vector indicates Network access, Low attack complexity, and user interaction re...

6.5CVSS5.2AI score0.00351EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.16 views

WordPress WP Portfolio Theme <= 2.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Portfolio Type Theme Vulnerable versions = 2.4 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33537 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 960b34eee068 Credits stealthcopter Required privilege Contributor...

6.5CVSS6.6AI score0.00351EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder