CVE-2025-47677

CVE-2025-47677 pertains to the WordPress plugin Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery. The vulnerability is a Stored XSS caused by improper input neutralization during web page generation, affecting versions up to and including 2.7.7.25 (authenticated via Contributor role). ...

WordPress plugin Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery...

WordPress Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin <= 2.7.7.24 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Photo Gallery versions = 2.7.7.24...

WordPress Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery Plugin <= 2.7.7.21 is vulnerable to Cross Site Scripting (XSS)

Software Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery Type Plugin Vulnerable versions = 2.7.7.21 Fixed in 2.7.7.22 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4035 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership...

Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery < 2.7.7.22 - Authenticated (Author+) Cross-Site Scripting

Description The Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.7.7.21 due to insufficient input sanitization and output escaping. This makes it possible for...