exploitDog

CVE-2021-25090

Опубликовано: 11 апр. 2022

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed

Ссылки

https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809c
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809c
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wpsofts:portfolio_gallery\,_product_catalog_-_grid_kit_portfolio:*:*:*:*:*:wordpress:*:*

Версия до 2.1.0 (исключая)

EPSS

Процентиль: 43%

0.00208

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3prr-q5hc-2742

CVSS3: 5.4

github

почти 4 года назад

The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed

EPSS

Процентиль: 43%

0.00208

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79