Vulnerabilities (CVE)

Filtered by vendor Gsplugins Subscribe
Filtered by product Gs Pinterest Portfolio
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-11453 1 Gsplugins 1 Gs Pinterest Portfolio 2025-07-09 N/A 6.4 MEDIUM
The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gs_pin_widget' shortcode in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2024-30192 1 Gsplugins 1 Gs Pinterest Portfolio 2025-07-01 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2.