3 matches found
CVE-2024-13833
The Album Gallery – WordPress Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.6.3 via deserialization of untrusted input from gallery meta. This makes it possible for authenticated attackers, with Editor-level access and above, to inject ...
CVE-2024-13833
CVE-2024-13833: Album Gallery – WordPress Gallery plugin vulnerable to authenticated PHP Object Injection via gallery meta in all versions
CVE-2024-13833 Album Gallery – WordPress Gallery <= 1.6.3 - Authenticated (Editor+) PHP Object Injection via Gallery Meta
The Album Gallery – WordPress Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.6.3 via deserialization of untrusted input from gallery meta. This makes it possible for authenticated attackers, with Editor-level access and above, to inject ...