cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-11900,https://securityvulnerability.io/vulnerability/CVE-2024-11900,Stored Cross-Site Scripting Vulnerability in Portfolio – Filterable Masonry Portfolio Gallery Plugin for WordPress,"CVE-2024-11900 highlights a security vulnerability within the Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin for WordPress. This vulnerability allows authenticated attackers, with contributor-level access or higher, to exploit stored cross-site scripting (XSS) due to insufficient input sanitization and output escaping on attributes supplied by users. The vulnerability affects all versions up to and including 1.2.2 of the plugin. By injecting malicious web scripts into pages, attackers can compromise the integrity of web content and potentially execute harmful scripts whenever users access affected pages.",Wordpress,Portfolio – Filterable Masonry Portfolio Gallery For Professionals,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-12-17T00:15:00.000Z,0