VYPR

Portfolio Gallery – Image Gallery Plugin

by WordPress

CVEs (2)

  • CVE-2024-6262MedJun 27, 2024
    risk 0.35cvss 6.4epss 0.00

    The Portfolio Gallery – Image Gallery Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'PFG' shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping on user supplied attributes.…

  • CVE-2014-125101MedMay 28, 2023
    risk 0.34cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this…