Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.5 views

CVE-2022-0186

The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard...

5.4CVSS6.1AI score0.00595EPSS
Exploits2References1
NVD
NVD
added 2022/02/21 11:15 a.m.24 views

CVE-2022-0186

The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard...

5.4CVSS0.00595EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/02/21 10:46 a.m.26 views

CVE-2022-0186 Image Photo Gallery Final Tiles Grid < 3.5.3 - Contributor+ Stored Cross-Site Scripting

The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard...

5.5AI score0.00595EPSS
Exploits2References1
CVE
CVE
added 2022/02/21 10:46 a.m.108 views

CVE-2022-0186

The WordPress plugin Image Photo Gallery Final Tiles Grid (Final Tiles Grid) before version 3.5.3 is vulnerable to stored cross-site scripting due to insufficient sanitisation/escaping of the Description field when editing a gallery. This allows users with a role as low as contributor to execute ...

5.4CVSS5.2AI score0.00595EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder