CVE-2021-25090
Last modified
CVE-2021-25090 is a medium-severity vulnerability rated 5.4/10 on the CVSS scale. The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed. EPSS estimates a 0.58% chance of exploitation in the next 30 days.
Description
The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Wpsofts | Portfolio Gallery\, Product Catalog - Grid Kit Portfolio | < 2.1.0 |
References
- https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809cExploit, Third Party Advisory
- https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809cExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-25090?
How severe is CVE-2021-25090?
How do I fix CVE-2021-25090?
Are you affected by CVE-2021-25090?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST