CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Visualportfolio: >> Visual Portfolio, Photo Gallery & Post Grid >> 2.18.0 Security Vulnerabilities

CVE-2022-2597

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.19.0 does not have proper authorisation checks in some of its REST endpoints, allowing users with a role as low as contributor to call them and inject arbitrary CSS in arbitrary saved layouts

CVSS Score

5.4

EPSS Score

0.001

Published

2022-09-05

Page 1

Vulnerabilities

Vulnerable Software

Visualportfolio: >> Visual Portfolio, Photo Gallery & Post Grid >> 2.18.0 Security Vulnerabilities

Products

Pricing

Contact Us