4 matches found
CVE-2024-33537
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Horse WP Portfolio allows Stored XSS.This issue affects WP Portfolio: from n/a through 2.4...
CVE-2024-33537 WordPress WP Portfolio theme <= 2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme Horse WP Portfolio allows Stored XSS.This issue affects WP Portfolio: from n/a through 2.4...
CVE-2024-33537
The CVE-2024-33537 entry describes a Stored XSS in WP Portfolio (Theme Horse WP Portfolio) affecting WP Portfolio versions up to 2.4. Root cause is improper neutralization of input during web page generation. The CVSS vector indicates Network access, Low attack complexity, and user interaction re...
WordPress WP Portfolio Theme <= 2.4 is vulnerable to Cross Site Scripting (XSS)
Software WP Portfolio Type Theme Vulnerable versions = 2.4 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33537 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 960b34eee068 Credits stealthcopter Required privilege Contributor...