4 matches found
WordPress Photo Gallery 1.5.34 Plugin - Cross-Site Scripting Vulnerability (2)
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Photo Gallery by 10Web img src=a onerror='alert2;' 4. Click Save. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded...
WordPress Photo Gallery 1.5.34 Cross Site Scripting
Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full Disclosu...
CVE-2019-16118
Cross site scripting XSS in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via admin/controllers/Options.php...
CVE-2019-16118
CVE-2019-16118 affects the WordPress Photo Gallery (10Web Photo Gallery) plugin prior to 1.5.35. The issue is a Cross-Site Scripting (XSS) vulnerability exposed via admin/controllers/Options.php, caused by unvalidated/unescaped data. Impact per sources: attacker could execute script in victim’s b...