4 matches found
Stored XSS in WP Photo Album Plus WordPress Plugin
Advisory ID: HTB23257 Product: WP Photo Album Plus WordPress Plugin Vendor: J.N. Breetvelt Vulnerable Versions: 6.1.2 and probably prior Tested Version: 6.1.2 Advisory Publication: April 29, 2015 without technical details Vendor Notification: April 29, 2015 Vendor Patch: April 29, 2015 Public...
CVE-2015-3647
CVE-2015-3647 concerns multiple stored XSS flaws in WP Photo Album Plus (WordPress plugin) via wppa-ajax-front.php. The affected component handles the wppa-do-comment action and uses unsanitized user input from comemail and comname POST parameters, enabling an attacker to inject arbitrary script ...
WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting Vulnerability
WordPress WP Photo Album Plus plugin version 6.1.2 suffers from a cross site scripting vulnerability. Product: WP Photo Album Plus WordPress Plugin Vendor: J.N. Breetvelt Vulnerable Versions: 6.1.2 and probably prior Tested Version: 6.1.2 Advisory Publication: April 29, 2015 without technical...
WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting
Advisory ID: HTB23257 Product: WP Photo Album Plus WordPress Plugin Vendor: J.N. Breetvelt Vulnerable Versions: 6.1.2 and probably prior Tested Version: 6.1.2 Advisory Publication: April 29, 2015 without technical details Vendor Notification: April 29, 2015 Vendor Patch: April 29, 2015 Public...