22 matches found
CVE-2021-47929 WordPress Plugin Filterable Portfolio Gallery 1.0 Stored XSS
Filterable Portfolio Gallery 1.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by entering payloads in the title field. Attackers can store JavaScript code like image tags with onerror handlers that execute when the gallery...
WordPress plugin Portfolio Gallery 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2014-1269
Malware in sbrugna...
EUVD-2016-1068
Malware in sbrugna...
CVE-2024-29769
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6...
CVE-2024-6262
The Portfolio Gallery – Image Gallery Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'PFG' shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
CVE-2014-125101
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...
CVE-2024-13231
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'addvideo' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitra...
CVE-2024-11900
The Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'portfolio-pro' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user suppli...
CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...
PT-2024-23010 · WordPress · The Portfolio Gallery – Image Gallery Plugin
Name of the Vulnerable Software and Affected Versions: Portfolio Gallery – Image Gallery Plugin versions 1.5.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...
CVE-2014-125101
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...
Sql injection
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...
CVE-2014-125101
The CVE-2014-125101 entry concerns the Portfolio Gallery Plugin for WordPress, affected versions up to 1.1.8. A SQL injection vulnerability exists in an unspecified component/part, which can be exploited remotely. Remediation is to upgrade to version 1.1.9, with patch identifier 58ed88243e17df766...
CVE-2014-125101 Portfolio Gallery Plugin sql injection
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...
PT-2023-10169 · WordPress · Portfolio Gallery Plugin
Name of the Vulnerable Software and Affected Versions: Portfolio Gallery Plugin versions up to 1.1.8 Description: A critical vulnerability has been found in the Portfolio Gallery Plugin on WordPress, affecting an unknown part. The manipulation leads to sql injection and can be initiated remotely...
CVE-2023-26016
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Tauhidul Alam Simple Portfolio Gallery plugin = 0.1 versions...
Huge-IT Portfolio Gallery plugin SQL injection vulnerability in Joomla!
Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS. Huge-IT Portfolio Gallery is one of the display of photos, videos and other extensions . A SQL injection vulnerability exists in version 1.0.6 of the Huge-IT Portfolio Gallery plugin for Jooml...
CVE-2016-1000124
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6...
Sql injection
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6...