4 matches found
CVE-2024-12237
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.15 via the rjggetyoutubeinfojustifiedgallerycallback function. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2024-12237
creationtimestamp| type| source ---|---|--- 2025-01-03 22:29:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113766784501508927 2025-01-04 01:23:01+00:00| seen| https://t.me/cvedetector/14251...
CVE-2024-12237
CVE-2024-12237 affects the WordPress plugin Photo Gallery Slideshow & Masonry Tiled Gallery (WordPress, all versions up to 1.0.15). The vulnerability is a Server-Side Request Forgery in the rjg_get_youtube_info_justified_gallery_callback function, and requires an authenticated user with Subscribe...
CVE-2024-12237 Photo Gallery Slideshow & Masonry Tiled Gallery <= 1.0.15 - Authenticated (Subscriber+) Limited Server-Side Request Forgery
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.15 via the rjggetyoutubeinfojustifiedgallerycallback function. This makes it possible for authenticated attackers, with Subscriber-level...