Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the instagram-portfolio page in wp-admin/options-general.php.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.14-community | noarch | portfolio | = 0.9.10-r2 | UNKNOWN |
Alpine | 3.15-community | noarch | portfolio | = 0.9.12-r1 | UNKNOWN |
Alpine | 3.16-community | noarch | portfolio | = 0.9.14-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | portfolio | = 0.9.14-r0 | UNKNOWN |
Alpine | 3.18-community | noarch | portfolio | = 0.9.15-r0 | UNKNOWN |