Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1
CVE-2026-49069
- EPSS 0.14%
- Veröffentlicht 10.06.2026 12:39:37
- Zuletzt bearbeitet 10.06.2026 18:35:12
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21.
5.4
CVE-2024-8276
- EPSS 0.35%
- Veröffentlicht 31.08.2024 08:15:05
- Zuletzt bearbeitet 13.09.2024 19:19:42
The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in all versions up to, and including, 1.4.4 due to insuf...
5.4
CVE-2022-4789
- EPSS 0.47%
- Veröffentlicht 23.01.2023 15:15:17
- Zuletzt bearbeitet 02.04.2025 16:15:29
The WPZOOM Portfolio WordPress plugin before 1.2.2 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
1