11 matches found
Advisory ROSA-SA-2026-3269
software: angie 1.11.5 AXIS: ROSA-CHROME unaffected versions = angie-1.11.5-1 affected versions angie-1.11.5-1 CVE-ID: CVE-2026-42945 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A heap buffer overflow vulnerability in the ngxhttprewritemodule NGINX Plus and NGINX Open Source module allows an...
Advisory ROSA-SA-2026-3205
software: angie 1.11.3 OS: ROSA-CHROME unaffected versions = angie-1.11.3-1 affected versions angie-1.11.3-1 CVE-ID: CVE-2026-1642 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX OSS and NGINX Plus when proxying to upstream TLS servers allows an attacker in a man-in-the-middle...
ROS-20260310-73-0051
Vulnerability in angie related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
CVE-2022-4795
The Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...
WordPress Galleries by Angie Makes Plugin <= 1.67 is vulnerable to Cross Site Scripting (XSS)
Software Galleries by Angie Makes Type Plugin Vulnerable versions = 1.67 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4795 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c4b62d67a4b8 Credits Lana Codes...
CVE-2022-4795
The Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...
Cross site scripting
The Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...
CVE-2022-4795 Galleries by Angie Makes <= 1.67 - Contributor+ Stored XSS via Shortcode
The Galleries by Angie Makes WordPress plugin through 1.67 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting atta...
CVE-2022-4795
CVE-2022-4795 concerns the WordPress plugin Galleries by Angie Makes (versions
WordPress plugin Galleries by Angie Makes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
Galleries by Angie Makes <= 1.67 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks gallery ids='1' captions="'...