VYPR

Porto Functionality

by WordPress

CVEs (6)

  • CVE-2023-48738CriDec 19, 2023
    risk 0.61cvss 9.3epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Porto Theme Porto Theme - Functionality.This issue affects Porto Theme - Functionality: from n/a before 2.12.1.

  • CVE-2024-3809HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 via the 'slideshow_type' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include…

  • CVE-2024-3808HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'porto_portfolios' shortcode 'portfolio_layout' attribute. This makes it possible for authenticated attackers, with contributor-level…

  • CVE-2025-63066MedDec 9, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through < 3.7.3.

  • CVE-2023-48739MedJan 2, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme - Functionality: from n/a through < 2.12.1.

  • CVE-2025-63067MedDec 9, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme - Functionality: from n/a through < 3.7.3.