Phptechie

phptechie

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wp Projects Portfolio With Client Testimonials

wp_projects_portfolio_with_client_testimonials

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-13115 1Phptechie 1Wp Projects Portfolio With Client Testimonials May 7, 2025 Feb 4, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admi...Show more The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.Show less
CVE-2024-13114 1Phptechie 1Wp Projects Portfolio With Client Testimonials May 7, 2025 Feb 4, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be u...Show more The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-13115

1Phptechie

1Wp Projects Portfolio With Client Testimonials

May 7, 2025

Feb 4, 2025

N/A· v4

6.1 MEDIUM· v3

N/A· v2

The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admi...Show more

CVE-2024-13114