6 matches found
CVE-2025-11834
The WP AD Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'startindex' parameter of the ad-gallery shortcode in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-11834
The CVE CVE-2025-11834 (WP AD Gallery) affects WordPress WP AD Gallery plugin versions ≤ 1.3, with stored XSS via the startindex parameter in the ad-gallery shortcode. Root cause: insufficient input sanitization and output escaping; authenticated attackers with contributor-level access can inject...
CVE-2025-11834 WP AD Gallery <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP AD Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'startindex' parameter of the ad-gallery shortcode in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
EUVD-2025-35326
The WP AD Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'startindex' parameter of the ad-gallery shortcode in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress plugin WP AD Gallery 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
4 identity partnerships to help drive better security
At Microsoft, we are committed to driving innovation for our partnerships within the identity ecosystem. Together, we are enabling our customers, who live and work in a heterogenous world, to get secure and remote access to the apps and resources they need. In this blog, we’d like to highlight ho...