Vulnerability Details CVE-2015-9461
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.4%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- http://cinu.pl/research/wp-plugins/mail_082287dbf7a24d415ff71581fc248330.html
- https://wordpress.org/plugins/awesome-filterable-portfolio/#developers
- https://wpvulndb.com/vulnerabilities/8311
- http://cinu.pl/research/wp-plugins/mail_082287dbf7a24d415ff71581fc248330.html
- https://wordpress.org/plugins/awesome-filterable-portfolio/#developers
- https://wpvulndb.com/vulnerabilities/8311
Products affected by CVE-2015-9461
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.0
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.4
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.5
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.6
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.8
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.8.1
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.8.2
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.8.3
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.8.4
-
cpe:2.3:a:brinidesigner:awesome_filterable_portfolio:1.8.5