3 matches found
CVE-2015-7386
Multiple cross-site scripting XSS vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the 1 Media Title or 2 Media Subtitle fields...
CVE-2015-7386
Multiple cross-site scripting XSS vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the 1 Media Title or 2 Media Subtitle fields...
CVE-2015-7386
CVE-2015-7386 describes multiple XSS vulnerabilities in the WordPress plug‑in Gallery – Photo Albums – Portfolio (version 1.3.47). The issue is in includes/metaboxes.php where remote authenticated users can inject arbitrary script/HTML via the (1) Media Title or (2) Media Subtitle fields, potenti...