EUVD-2022-40737

Malicious code in bioql PyPI...

EUVD-2022-43320

Malicious code in bioql PyPI...

CVE-2022-3991

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

WordPress Photospace Gallery plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Photospace Galler...

CVE-2022-3991

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

CVE-2022-3991

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

Cross site scripting

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

CVE-2022-3991

Summary (MODE C): The WordPress Photospace Gallery plugin is affected by a Stored Cross-Site Scripting vulnerability in versions up to 2.3.5. The issue stems from insufficient input sanitization and output escaping in settings saved via the update() function, allowing authenticated users with sub...

WordPress plugin Photospace Gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Photospace Galler...

PT-2022-25103 · WordPress · Photospace Gallery

Name of the Vulnerable Software and Affected Versions: Photospace Gallery plugin for WordPress versions up to, and including, 2.3.5 Description: The issue is related to Stored Cross-Site Scripting via the plugin's settings parameters saved through the update function, due to insufficient input...

CVE-2022-38135

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...

CVE-2022-38135

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...

Improper access control

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...

CVE-2022-38135

CVE-2022-38135 concerns Dean Oakley’s Photospace Gallery WordPress plugin, affected up to version 2.3.5. The flaw is a Broken Access Control where users with a subscriber or higher role can change plugin settings, indicating missing authorization checks on settings updates. Affected: Photospace G...

CVE-2022-38135 WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...

CVE-2022-38135 WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin = 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings...

WordPress plugin Photospace Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2022-24229 · Dean Oakley · Photospace Gallery

Name of the Vulnerable Software and Affected Versions: Dean Oakley's Photospace Gallery plugin versions 2.3.5 and earlier Description: The issue allows users with a subscriber or higher role to change plugin settings due to a Broken Access Control vulnerability. This vulnerability affects the...

WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability leading to plugin settings change discovered by Tien Nguyen Anh Patchstack Alliance in WordPress Photospace Gallery plugin versions = 2.3.5. Solution No patched version is available. No reply from the vendor...

Photospace Gallery <= 2.3.5 - Subscriber+ Arbitrary Settings Update

The plugin does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them...