2 matches found
CVE-2021-25115
The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting XSS. Error log content was handled improperly, therefore any user, even unauthenticated, could cause arbitrary javascript to be executed in the admin panel...
CVE-2021-25115
The CVE-2021-25115 entry concerns the WordPress plugin WP Photo Album Plus. Affected versions (prior to 8.0.10) are vulnerable to Stored Cross-Site Scripting (XSS) due to improper handling of error log content, permitting arbitrary JavaScript execution in the admin panel by any user, including un...