cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12249,https://securityvulnerability.io/vulnerability/CVE-2024-12249,Data Modification Vulnerability in GS Insever Portfolio Plugin for WordPress,"The GS Insever Portfolio plugin for WordPress has a security flaw that allows authenticated attackers, with subscriber-level access and above, to alter the plugin's CSS settings. This issue arises from a missing capability check in the save_settings() function, compromising the integrity of the website's presentation. Affected versions include all up to 1.4.5. It is crucial for users of this plugin to apply available updates to mitigate this vulnerability.",Wordpress,Gs Insever Portfolio,4.3,MEDIUM,0.0005300000193528831,false,,false,false,false,false,false,false,2025-01-09T11:10:55.369Z,0
CVE-2023-0539,https://securityvulnerability.io/vulnerability/CVE-2023-0539,GS Insever Portfolio < 1.4.5 - Contributor+ Stored XSS,"The GS Insever Portfolio WordPress plugin before 1.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.",Wordpress,GS Insever Portfolio,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-02-27T16:15:00.000Z,0