24Oca
CVE-2025-23522 | HM Portfolio Plugin up to 1.1.1 on WordPress cross site scripting
A vulnerability, which was classified as problematic, has been found in humanmade limited & Joe Hoyle & Tom Wilmott & Matthew Haines-Young HM Portfolio Plugin up to 1.1.1 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-23522. The attack may be launched remotely. There is no exploit available.