cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forgs-pinterest-portfolio gs-pinterest-portfolio

Direction: descending
Mar 20, 2025

WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout # CVE-2023-32593

CVE, Research URL

CVE-2023-32593

Home page URL

Security reports for WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout

Application

WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout

Date
Dec 13, 2024
Research Description
Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through 1.6.7.
Affected versions
max 1.8.1.
Status
vulnerable
Dec 06, 2024

WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout # CVE-2024-11453

CVE, Research URL

CVE-2024-11453

Home page URL

Security reports for WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout

Application

WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout

Date
Dec 03, 2024
Research Description
The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gs_pin_widget' shortcode in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 1.8.9.
Status
vulnerable
Jun 06, 2024

WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout # de469805798894de73033621e14693d94a7e0dcc

CVE, Research URL

de469805798894de73033621e14693d94a7e0dcc

Home page URL

Security reports for WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout

Application

WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout

Date
Mar 22, 2023
Research Description
WordPress Pinterest Plugin &#8211; Make a Popup, User Profile, Masonry and Gallery Layout [gs-pinterest-portfolio] < 1.6.2 WordPress GS Pins for Pinterest Plugin <= 1.6.2 is vulnerable to Cross Site Request Forgery (CSRF) No patched version is available. No reply from the vendor. Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress GS Pins for Pinterest Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.6.2.
Status
vulnerable

WordPress Pinterest Plugin &#8211; Make a Popup, User Profile, Masonry and Gallery Layout # CVE-2024-30192

CVE, Research URL

CVE-2024-30192

Home page URL

Security reports for WordPress Pinterest Plugin &#8211; Make a Popup, User Profile, Masonry and Gallery Layout

Application

WordPress Pinterest Plugin &#8211; Make a Popup, User Profile, Masonry and Gallery Layout

Date
Mar 27, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2.
Affected versions
max 1.8.1.
Status
vulnerable