6.3 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information.
secunia.com/advisories/57746
wordpress.org/plugins/lazyest-gallery/changelog
www.securityfocus.com/bid/66756
exchange.xforce.ibmcloud.com/vulnerabilities/92598