Lucene search
K

22 matches found

Vulnrichment
Vulnrichment
added 2026/05/10 12:43 p.m.14 views

CVE-2021-47929 WordPress Plugin Filterable Portfolio Gallery 1.0 Stored XSS

Filterable Portfolio Gallery 1.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by entering payloads in the title field. Attackers can store JavaScript code like image tags with onerror handlers that execute when the gallery...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.6 views

WordPress plugin Portfolio Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.4CVSS6.6AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-1269

Malware in sbrugna...

9.8CVSS6.9AI score0.00707EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2016-1068

Malware in sbrugna...

9.8CVSS9.3AI score0.0255EPSS
Exploits9References6
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.7 views

CVE-2024-29769

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6...

6.5CVSS8.6AI score0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:25 a.m.2 views

CVE-2024-6262

The Portfolio Gallery – Image Gallery Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'PFG' shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS5AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:31 a.m.7 views

CVE-2014-125101

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...

9.8CVSS7.6AI score0.00707EPSS
Exploits0References1
NVD
NVD
added 2025/02/19 9:15 a.m.24 views

CVE-2024-13231

The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'addvideo' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitra...

5.3CVSS0.00449EPSS
Exploits0References5
NVD
NVD
added 2024/12/17 12:15 a.m.8 views

CVE-2024-11900

The Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'portfolio-pro' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user suppli...

6.4CVSS0.00303EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/13 2:23 p.m.15 views

CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Total-Soft Portfolio Gallery – Responsive Image Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery – Responsive Image Gallery: from n/a through 1.4.6...

7.5CVSS0.00799EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.6 views

PT-2024-23010 · WordPress · The Portfolio Gallery – Image Gallery Plugin

Name of the Vulnerable Software and Affected Versions: Portfolio Gallery – Image Gallery Plugin versions 1.5.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...

6.5CVSS9.1AI score0.00351EPSS
Exploits0References4
NVD
NVD
added 2023/05/28 1:15 p.m.13 views

CVE-2014-125101

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...

9.8CVSS7.5AI score0.00707EPSS
Exploits0References3
Prion
Prion
added 2023/05/28 1:15 p.m.13 views

Sql injection

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...

7.5CVSS7.8AI score0.00707EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/05/28 12:31 p.m.46 views

CVE-2014-125101

The CVE-2014-125101 entry concerns the Portfolio Gallery Plugin for WordPress, affected versions up to 1.1.8. A SQL injection vulnerability exists in an unspecified component/part, which can be exploited remotely. Remediation is to upgrade to version 1.1.9, with patch identifier 58ed88243e17df766...

9.8CVSS8.4AI score0.00707EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/28 12:31 p.m.15 views

CVE-2014-125101 Portfolio Gallery Plugin sql injection

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifi...

6.5CVSS10AI score0.00707EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.3 views

PT-2023-10169 · WordPress · Portfolio Gallery Plugin

Name of the Vulnerable Software and Affected Versions: Portfolio Gallery Plugin versions up to 1.1.8 Description: A critical vulnerability has been found in the Portfolio Gallery Plugin on WordPress, affecting an unknown part. The manipulation leads to sql injection and can be initiated remotely...

9.8CVSS7.5AI score0.00707EPSS
Exploits0References8
OSV
OSV
added 2023/05/04 1:15 p.m.5 views

CVE-2023-26016

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Tauhidul Alam Simple Portfolio Gallery plugin = 0.1 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/12 12:0 a.m.7 views

Huge-IT Portfolio Gallery plugin SQL injection vulnerability in Joomla!

Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS. Huge-IT Portfolio Gallery is one of the display of photos, videos and other extensions . A SQL injection vulnerability exists in version 1.0.6 of the Huge-IT Portfolio Gallery plugin for Jooml...

9.8CVSS8.2AI score0.0255EPSS
Exploits9References1
NVD
NVD
added 2016/10/06 2:59 p.m.16 views

CVE-2016-1000124

Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6...

9.8CVSS9.9AI score0.0255EPSS
Exploits9References4
Prion
Prion
added 2016/10/06 2:59 p.m.15 views

Sql injection

Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6...

7.5CVSS8.3AI score0.0255EPSS
Exploits9References4Affected Software1
Rows per page
Query Builder