PT-2026-39505 · WordPress · Filter Portfolio Gallery

Murat Demirci

·

Published

2026-05-10

·

Updated

2026-05-10

·

CVE-2021-47929

CVSS v3.1

6.4

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Filterable Portfolio Gallery version 1.0
Description A stored cross-site scripting issue allows authenticated attackers to inject malicious JavaScript. This is achieved by entering payloads into the title field, such as image tags with onerror handlers. The injected code executes when users preview the gallery, affecting all visitors to the page.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2021-47929

Affected Products

Filter Portfolio Gallery