Lucene search
HistoryApr 11, 2014 - 2:55 p.m.
CVE-2014-2333
cve-2014-2333
cross-site scripting
xss
lazyest gallery plugin
wordpress
exif tag
nvd
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
marcel_brinkkemperlazyest-galleryRange≤1.1.20wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.1.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.2.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.3wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.3.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.3.2wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.3.3wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.4wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.5wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.6wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.7wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.7.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.8wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.8.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.9wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.9.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.10wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.10.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.11wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.12wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.13wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.14wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.15wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.16wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.17.1wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.17.2wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.17.4wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.18wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.19wordpress
ORmarcel_brinkkemperlazyest-galleryMatch1.1.19.1wordpress
Related
wpvulndb
wpvulndb
Lazyest Gallery <= 1.1.20 - EXIF Script Insertion
2014-08-01 10:59:13
cvelist
cvelist
CVE-2014-2333
2014-04-11 14:00:00
prion
prion
Cross site scripting
2014-04-11 14:55:00
nvd
nvd
CVE-2014-2333
2014-04-11 14:55:05
patchstack
patchstack
WordPress Lazyest Gallery Plugin <= 1.1.20 - XSS
2014-03-12 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
Related for CVE-2014-2333