Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.10 views

CVE-2021-24903

The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6.1AI score0.00588EPSS
Exploits2References1
NVD
NVD
added 2022/02/28 9:15 a.m.22 views

CVE-2021-24903

The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00588EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/02/28 9:6 a.m.18 views

CVE-2021-24903 GRAND FlaGallery <= 6.1.2 - Admin+ Stored Cross-Site Scripting

The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when the unfilteredhtml capability is disallowed...

5.2AI score0.00588EPSS
Exploits2References1
CVE
CVE
added 2022/02/28 9:6 a.m.98 views

CVE-2021-24903

The CVE-2021-24903 entry concerns the WordPress plugin GRAND FlaGallery (≤ 6.1.2). Affected component: gallery settings in the admin UI; root cause: insufficient sanitisation/escaping of certain settings, enabling Cross-Site Scripting (XSS) by high-privilege users even when unfiltered_html is dis...

4.8CVSS4.8AI score0.00588EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder