Lucene search
+L

54 matches found

Vulnrichment
Vulnrichment
added 2023/08/23 1:48 p.m.12 views

CVE-2023-32498 WordPress Easy Form by AYS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Easy Form team Easy Form by AYS plugin = 1.2.0 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/08/18 2:15 p.m.20 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.1.3 versions...

5.8CVSS6AI score0.00396EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/18 2:0 p.m.26 views

CVE-2023-32107 WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.1.3 versions...

7.1CVSS6.3AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/18 2:0 p.m.17 views

CVE-2023-32107 WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.1.3 versions...

7.1CVSS5.8AI score0.00396EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/18 12:0 a.m.7 views

WordPress plugin Photo Gallery by Ays 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.00396EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/08/07 12:0 a.m.12 views

WordPress Photo Gallery by Ays Plugin <= 5.2.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Photo Gallery by Ays Type Plugin Vulnerable versions = 5.2.6 Fixed in 5.2.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-39917 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dcde53c55582 Credits Skalucy Requir...

8.8CVSS6.6AI score0.00214EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.10 views

WordPress Photo Gallery by Ays Plugin < 5.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Photo Gallery by Ays Type Plugin Vulnerable versions 5.1.7 Fixed in 5.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2568 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1b5a7b5e5c1c Credits Erwan LR WPScan...

6.1CVSS5.6AI score0.00458EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2023/06/12 6:15 p.m.6 views

CVE-2023-2568

The Photo Gallery by Ays WordPress plugin before 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.8AI score0.00458EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.7 views

WordPress Plugin Photo Gallery by Ays 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS6.8AI score0.00458EPSS
Exploits2References2
Patchstack
Patchstack
added 2023/05/03 12:0 a.m.14 views

WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Photo Gallery by Ays Type Plugin Vulnerable versions = 5.1.3 Fixed in 5.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32107 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f7b98519cd3e Credits Le Ngoc Anh...

7.1CVSS5.6AI score0.00396EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/08/02 11:15 a.m.5 views

CVE-2021-24462

The getgallerycategories and getgalleries functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in...

8.8CVSS7.3AI score0.01362EPSS
Exploits2References1
Patchstack
Patchstack
added 2021/06/29 12:0 a.m.25 views

WordPress Image Slider by Ays plugin <= 2.4.9 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability discovered by To Quang Duong in WordPress Image Slider by Ays plugin versions = 2.4.9. Solution Update the WordPress Image Slider by Ays plugin to the latest available version at least 2.5.0...

8.8CVSS3.2AI score0.01362EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/06/29 12:0 a.m.19 views

WordPress Photo Gallery by Ays plugin <= 4.4.3 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability discovered by To Quang Duong in WordPress Photo Gallery by Ays plugin versions = 4.4.3. Solution Update the WordPress Photo Gallery by Ays plugin to the latest available version at least 4.4.4...

8.8CVSS3.1AI score0.01362EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/06/29 12:0 a.m.15 views

WordPress FAQ Builder AYS plugin <= 1.3.5 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability discovered by To Quang Duong in WordPress FAQ Builder AYS plugin versions = 1.3.5 Solution Update the WordPress FAQ Builder AYS plugin to the latest available version at least 1.3.6...

8.8CVSS3AI score0.01362EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder