CVE-2025-23522 | HM Portfolio Plugin up to 1.1.1 on WordPress cross site scripting

Inserito da Angelo Barbosa | Gen 24, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in humanmade limited & Joe Hoyle & Tom Wilmott & Matthew Haines-Young HM Portfolio Plugin up to 1.1.1 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2025-23522. The attack may be launched remotely. There is no exploit available.

CVE-2025-23522 | HM Portfolio Plugin up to 1.1.1 on WordPress cross site scripting

Post correlati

CVE-2024-42748 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi setWiFiWpsCfg os command injection

CVE-2019-20461 | Alecto IVM-100 2019-11-12 UDP Protocol improper authentication

CVE-2024-6163 | Checkmk up to 2.0.0p39/2.1.0p45/2.2.0p30/2.3.0p10 HTTP Endpoint authentication spoofing

CVE-2024-8747 | Email Obfuscate Shortcode Plugin up to 2.0 on WordPress cross site scripting