VYPR

Gs Portfolio

by WordPress

Source repositories

CVEs (4)

  • CVE-2024-11765MedDec 12, 2024
    risk 0.42cvss 6.4epss 0.00

    The WordPress Portfolio Plugin – A Plugin for Making Filterable Portfolio Grid, Portfolio Slider and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gs_portfolio' shortcode in all versions up to, and including, 1.6.3 due to insufficient…

  • CVE-2023-0539MedFeb 27, 2023
    risk 0.35cvss 5.4epss 0.01

    The GS Insever Portfolio WordPress plugin before 1.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…

  • CVE-2023-0559MedFeb 21, 2023
    risk 0.35cvss 5.4epss 0.00

    The GS Portfolio for Envato WordPress plugin before 1.4.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored…

  • CVE-2025-62755MedDec 31, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in GS Plugins GS Portfolio for Envato gs-envato-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Portfolio for Envato: from n/a through <= 1.4.2.