8 matches found
WordPress Album and Image Gallery Plus Lightbox plugin <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin's Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Plugin's Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Album and Image Gallery plus Lightbox versions = 2.1.7...
EUVD-2023-29039
Malicious code in bioql PyPI...
CVE-2023-25060 WordPress Album and Image Gallery plus Lightbox plugin <= 1.6.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox album-and-image-gallery-plus-lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through ...
CVE-2023-25060
CVE-2023-25060: Missing Authorization vulnerability in WordPress plugin Album and Image Gallery plus Lightbox (and WP OnlineSupport) is a Broken Access Control issue affecting versions up to 1.6.2. The root cause is misconfigured access control that allows unauthenticated users to exploit certain...
WordPress Album and Image Gallery plus Lightbox plugin <= 2.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Album and Image Gallery plus Lightbox versions = 2.0...
CVE-2024-4194 Album and Image Gallery plus Lightbox <= 2.0 - Unauthenticated Arbitrary Shortcode Execution
The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This mak...
CVE-2024-4194
Affected software. The Album and Image Gallery plus Lightbox (WordPress plugin) is vulnerable up to version 2.0. The issue is due to improper validation of a value before do_shortcode, enabling unauthenticated attackers to execute arbitrary shortcodes. This CVE is corroborated by multiple sources...
WordPress Album and Image Gallery plus Lightbox Plugin <= 2.0 is vulnerable to Broken Access Control
Software Album and Image Gallery plus Lightbox Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4194 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 3971913257ef Credits...