3 matches found
CVE-2024-12696 Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via videowhisper_picture_upload_guest Shortcode
The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisperpictureuploadguest shortcode in all versions up to, and including, 1.5.22 due to insufficient input sanitization and output escaping on user...
CVE-2024-12696
CVE-2024-12696 pertains to the WordPress plugin “Picture Gallery – Frontend Image Uploads, AJAX Photo List” and enables Stored XSS via the videowhisper_picture_upload_guest shortcode. It affects all versions up to 1.5.22 due to insufficient input sanitization/output escaping on user attributes. E...
CVE-2024-12696 Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via videowhisper_picture_upload_guest Shortcode
The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisperpictureuploadguest shortcode in all versions up to, and including, 1.5.22 due to insufficient input sanitization and output escaping on user...