CVE-2021-25090 Information

Description

The Portfolio Gallery Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions allowing any authenticated users such as subscriber to call them. Due to the lack of sanitisation and escaping it could also allows attackers to perform Cross-Site Scripting attacks on pages where a Portfolio is embed

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Reference

https://wpscan.com/vulnerability/32a4a2b5-ef65-4e29-af4a-f003dbd0809c

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4