CVE-2024-13115 in Projects Portfolio with Client Testimonials PluginИнформация

Сводка

по MITRE • 04.02.2025

The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Ответственный

WPScan

Резервировать

01.01.2025

Раскрытие

04.02.2025

Модерация

принято

Вход

VDB-294575

EPSS

0.00173

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!