Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.10 views

CVE-2022-4058

The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control...

5.4CVSS5.7AI score0.00244EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/04/18 12:0 a.m.19 views

WordPress Photo Gallery by 10Web Plugin < 1.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Photo Gallery by 10Web Type Plugin Vulnerable versions 1.8.3 Fixed in 1.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4058 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ee71d42f5999 Credits Krzysztof Zając...

5.4CVSS6AI score0.00244EPSS
Exploits2References4Affected Software1
OpenVAS
OpenVAS
added 2022/12/20 12:0 a.m.16 views

WordPress Photo Gallery Plugin < 1.8.3 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

5.4CVSS5.6AI score0.00244EPSS
Exploits2References1
NVD
NVD
added 2022/12/19 2:15 p.m.27 views

CVE-2022-4058

The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in in JS code later on in another page, which could lead to Stored XSS issue when an attacker makes a logged in admin open a malicious URL or page under their control...

5.4CVSS0.00244EPSS
Exploits2References1
CVE
CVE
added 2022/12/19 1:41 p.m.77 views

CVE-2022-4058

CVE-2022-4058 affects the WordPress plugin Photo Gallery by 10Web, versions before 1.8.3. The root cause is failure to validate/escape certain parameters before outputting them in JavaScript on another page, enabling a Stored XSS when a logged-in admin visits a crafted URL. The CVSS base score is...

5.4CVSS5.2AI score0.00244EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder