Lucene search
WPScanCVE-2024-1664HistoryApr 09, 2024 - 5:15 a.m.
CVE-2024-1664
2024-04-0905:15:47
WPScan
web.nvd.nist.gov
33
organization
individual
security problem
publicized
details
nvd
The Responsive Gallery Grid WordPress plugin before 2.3.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected configurations
Node
responsive_gallery_gridRange<2.3.11wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| * | responsive_gallery_grid | * | cpe:2.3:a:*:responsive_gallery_grid:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Responsive Gallery Grid",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "2.3.11"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-1664
2024-04-09 05:15:47
wpexploit
wpexploit
Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS
2024-03-26 00:00:00
vulnrichment
vulnrichment
CVE-2024-1664 Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS
2024-04-09 05:00:01
cvelist
cvelist
CVE-2024-1664 Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS
2024-04-09 05:00:01
wpvulndb
wpvulndb
Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS
2024-03-26 00:00:00
wordfence
wordfence