Published on: Not Yet Published
Last Modified on: 02/15/2023 04:08:00 PM UTC
CVE-2023-0362Source: Mitre Source: NIST CVE.ORG Print: PDF
Certain versions of Portfolio Post from Themify contain the following vulnerability:
Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
- CVE-2023-0362 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.
- Affected Vendor/Software: Unknown - Themify Portfolio Post version < 1.2.2
CVSS3 Score: 5.4 - MEDIUM
|Themify Portfolio Post < 1.2.2 - Contributor+ Stored XSS WordPress Security Vulnerability|| web.archive.org |
Inactive LinkNot Archived
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
No vendor comments have been submitted for this CVE
|@CVEreport||CVE-2023-0362 : Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its short… twitter.com/i/web/status/1…||2023-02-13 15:22:21|