Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 9:5 p.m.11 views

CVE-2021-24310

The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery i...

6.1CVSS5.7AI score0.04609EPSS
Exploits6References1
nvd
nvd
added 2021/06/01 2:15 p.m.25 views

CVE-2021-24310

The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery i...

4.8CVSS0.01131EPSS
Exploits2References1
cvelist
cvelist
added 2021/06/01 11:33 a.m.34 views

CVE-2021-24310 Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title

The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress plugin before 1.5.67 did not properly sanitise the gallery title, allowing high privilege users to create one with XSS payload in it, which will be triggered when another user will view the gallery list or the affected gallery i...

5.6AI score0.01131EPSS
Exploits2References1
cve
cve
added 2021/06/01 11:33 a.m.72 views

CVE-2021-24310

Affected product: Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin, vulnerable in versions before 1.5.67. Root cause: improper sanitisation of the gallery title, stemming from an incomplete fix of CVE-2019-16117. Impact: authenticated users with high privileges can inject X...

4.8CVSS5AI score0.01131EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder