2 matches found
CVE-2025-5482
The Sunshine Photo Cart: Free Client Photo Galleries for Photographers plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.4.11. This is due to the plugin not properly validating a user-supplied key. This makes it possible for...
CVE-2025-5482
The Sunshine Photo Cart: Free Client Photo Galleries for Photographers WordPress plugin is affected by CVE-2025-5482. The vulnerability allows privilege escalation via account takeover due to improper validation of a user-supplied key, enabling authenticated attackers with Subscriber-level access...