[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f_S3WDyJtX6h9UkK-rO9HGBDo97l_6mMYRTi9C8tHkpU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-2597","visual-portfolio-photo-gallery-post-grid-contributor-css-injection","Visual Portfolio, Photo Gallery & Post Grid \u003C= 2.18.0 - Contributor+ CSS Injection","The Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress is vulnerable to CSS injection via the REST API in versions up to, and including, 2.18.0. This allows authenticated users with contributor or greater privileges to inject arbitrary CSS into saved layouts.","visual-portfolio",null,"\u003C=2.18.0","2.19.0","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","2022-08-15 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa7519c43-d8d1-4412-b2f3-77f59736924c?source=api-prod",526]