2 matches found
CVE-2020-9334
A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. Successful exploitation of this vulnerability would allow a authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...
CVE-2020-9334
The CVE-2020-9334 entry maps to a stored XSS vulnerability in the WordPress Envira Photo Gallery plugin (versions up to 1.7.6). The issue arises from an insufficient sanitization/presentation path that allows an authenticated, low-privilege user to inject arbitrary JavaScript code, which can be r...