VYPR

Auxin Portfolio

by WordPress

Source repositories

CVEs (2)

  • CVE-2023-38399HigMay 17, 2024
    risk 0.56cvss 8.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1.

  • CVE-2024-1384MedAug 29, 2024
    risk 0.35cvss 6.4epss 0.00

    The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping on user…