CVE-2015-9462

Name of the Vulnerable Software and Affected Versions awesome-filterable-portfolio plugin versions prior to 1.9

Description The issue is related to SQL injection via the cat id parameter in the afp get new category page function. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For versions prior to 1.9, update to version 1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the afp get new category page function or avoiding the use of the cat id parameter until the update is applied.