2 matches found
CVE-2024-10102
CVE-2024-10102 describes a stored cross-site scripting vulnerability in the WordPress plugin “Photo Gallery, Images, Slider” (Rbs Image Gallery) prior to version 3.2.22. The issue arises because Gallery settings are not properly sanitized/escaped, enabling high-privilege users (e.g., Contributors...
CVE-2024-10102 Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.22 - Contributor+ Stored XSS
The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not sanitise and escape some of its Gallery settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...