5 matches found
CVE-2022-1946
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-1946
creationtimestamp| type| source ---|---|--- 2022-07-04 16:12:31+00:00| seen| https://t.me/cibsecurity/45560...
CVE-2022-1946
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-1946 Gallery < 2.0.0 - Reflected Cross-Site Scripting
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-1946
The WordPress Gallery plugin before 2.0.0 contains a reflected Cross-Site Scripting vulnerability in which a parameter is not sanitized/escaped before being echoed in the AJAX response. The issue is exploitable via an AJAX action accessible to both unauthenticated and authenticated users, potenti...