[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYxp2j8CA8h7AkxptjVuXzXNtfroAlrSuPpe5mB_A91I":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-2543","visual-portfolio-photo-gallery-post-grid-unauthenticated-css-injection","Visual Portfolio, Photo Gallery & Post Grid \u003C= 2.17.1 - Unauthenticated CSS Injection","The Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress is vulnerable to CSS injection via the REST API in versions up to, and including, 2.17.0. This allows unauthenticated users to inject arbitrary CSS into saved layouts.","visual-portfolio",null,"\u003C=2.17.1","2.18.0","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","2022-08-15 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe20082a0-dca6-4a26-919f-d59752dfbe90?source=api-prod",526]