Porto — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Porto, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-28075	WordPress Porto theme <= 7.6.2 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79	6.1	-	2026-03-05
CVE-2024-3806	Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CWE-98	9.8	Critical	2024-05-09
CVE-2024-3807	Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta CWE-98	8.8	High	2024-05-09

All 3 known CVE vulnerabilities affecting Porto with full Chinese analysis, references, and POCs where available.