2 matches found
CVE-2022-4651
The Justified Gallery WordPress plugin before 1.7.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4651
CVE-2022-4651 affects the WordPress Justified Gallery plugin prior to version 1.7.1. The vulnerability arises because the plugin does not validate and escape one of its shortcode attributes, enabling Stored XSS when a user with a role as low as contributor interacts with the gallery shortcode. Pr...