3 matches found
CVE-2025-1757
creationtimestamp| type| source ---|---|--- 2025-02-28 05:26:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5836 2025-02-28 05:48:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj7phl2w3x2w 2025-02-28 07:49:34+00:00| seen|...
CVE-2025-1757 WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pfhubportfolio' and 'pfhubportfolioportfolio' shortcodes in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping o...
CVE-2025-1757 WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pfhubportfolio' and 'pfhubportfolioportfolio' shortcodes in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping o...