Themify Portfolio Post — known CVE vulnerabilities
Every CVE whose affected-product data names Themify Portfolio Post, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-24129 — CVSS 5.4 (medium): Unvalidated input and lack of output encoding in the Themify Portfolio Post WordPress plugin, versions before 1.1.6, lead to Stored…
CVE-2022-0200 — CVSS 5.4 (medium): Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back the…
CVE-2022-4464 — CVSS 5.4 (medium): Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its shortcode attributes before outputting them…
CVE-2023-0362 — CVSS 5.4 (medium): Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them…