Lucene search
K

8 matches found

Patchstack
Patchstack
added 2026/02/18 10:53 p.m.9 views

WordPress Album and Image Gallery Plus Lightbox plugin <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin's Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Plugin's Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Album and Image Gallery plus Lightbox versions = 2.1.7...

6.4CVSS5.5AI score0.00308EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-29039

Malicious code in bioql PyPI...

5.3CVSS8.5AI score0.00564EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.22 views

CVE-2023-25060 WordPress Album and Image Gallery plus Lightbox plugin <= 1.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Album and Image Gallery plus Lightbox album-and-image-gallery-plus-lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Album and Image Gallery plus Lightbox: from n/a through ...

5.3CVSS7.3AI score0.00564EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.41 views

CVE-2023-25060

CVE-2023-25060: Missing Authorization vulnerability in WordPress plugin Album and Image Gallery plus Lightbox (and WP OnlineSupport) is a Broken Access Control issue affecting versions up to 1.6.2. The root cause is misconfigured access control that allows unauthenticated users to exploit certain...

5.3CVSS8AI score0.00564EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/06 2:38 a.m.4 views

WordPress Album and Image Gallery plus Lightbox plugin <= 2.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Album and Image Gallery plus Lightbox versions = 2.0...

7.3CVSS7.1AI score0.00478EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/06 2:2 a.m.36 views

CVE-2024-4194 Album and Image Gallery plus Lightbox <= 2.0 - Unauthenticated Arbitrary Shortcode Execution

The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This mak...

6.5CVSS6.7AI score0.00478EPSS
Exploits0References4
CVE
CVE
added 2024/06/06 2:2 a.m.42 views

CVE-2024-4194

Affected software. The Album and Image Gallery plus Lightbox (WordPress plugin) is vulnerable up to version 2.0. The issue is due to improper validation of a value before do_shortcode, enabling unauthenticated attackers to execute arbitrary shortcodes. This CVE is corroborated by multiple sources...

7.3CVSS7.1AI score0.00478EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.13 views

WordPress Album and Image Gallery plus Lightbox Plugin <= 2.0 is vulnerable to Broken Access Control

Software Album and Image Gallery plus Lightbox Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-4194 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 3971913257ef Credits...

7.3CVSS6.5AI score0.00478EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder