Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24363
HistoryAug 16, 2021 - 10:48 a.m.

CVE-2021-24363 Photo Gallery < 1.5.75 - File Upload Path Traversal

2021-08-1610:48:17
CWE-22
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

25.9%

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector

CNA Affected

[
  {
    "product": "Photo Gallery by 10Web – Mobile-Friendly Image Gallery",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.5.75",
        "status": "affected",
        "version": "1.5.75",
        "versionType": "custom"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

25.9%

Related for CVELIST:CVE-2021-24363