5 matches found
CVE-2023-6747
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to...
CVE-2023-6747
The CVE-2023-6747 entry affects the WordPress plugin FooGallery (WordPress) and describes a Stored Cross-Site Scripting (XSS) vulnerability in the plugin’s handling of custom attributes. The root cause is described as insufficient input sanitization and output escaping in versions up to and inclu...
CVE-2023-6747 FooGallery Premium <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to...
WordPress FooGallery Premium Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)
Software FooGallery Premium Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6747 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6e234ed1eb7c Credits WordFence Required...
CVE-2023-6752
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6747. Reason: This candidate is a reservation duplicate of CVE-2023-6747. Notes: All CVE users should reference CVE-2023-6747 instead of this candidate. All references and descriptions in this candidate have been remov...