2 matches found
WordPress 10Web Photo Gallery Plugin Cross Site Scripting (CVE-2020-9335)
A cross site scripting vulnerability exists in WordPress 10Web Photo Gallery plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
CVE-2020-9335
CVE-2020-9335 affects the WordPress Photo Gallery by 10Web plugin (versions prior to 1.5.46). The connected sources confirm multiple stored XSS vulnerabilities that allow an authenticated admin to inject arbitrary JavaScript viewed by other users, due to insufficient input validation/sanitization...