Vulnerability Description
The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as subscriber, to call them. Due to the lack of sanitisation and escaping, it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wpsofts | Portfolio Gallery\, Product Catalog - Grid Kit Portfolio | < 2.1.0 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809cExploitThird Party Advisory
- https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809cExploitThird Party Advisory
FAQ
What is CVE-2021-25090?
CVE-2021-25090 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such as...
How severe is CVE-2021-25090?
CVE-2021-25090 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-25090?
Check the references section above for vendor advisories and patch information. Affected products include: Wpsofts Portfolio Gallery\, Product Catalog - Grid Kit Portfolio.