5 matches found
WordPress Contest Gallery Plugin < 21.3.1 is vulnerable to Cross Site Scripting (XSS)
Software Contest Gallery Type Plugin Vulnerable versions 21.3.1 Fixed in 21.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1487 Patch priority Low CVSS severity Low 6.5 Developer Wasiliy Strecker PSID 898230946609 Credits Giulio - Mistborn...
CVE-2024-1487
The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...
CVE-2024-1487 Photos and Files Contest Gallery < 21.3.1 - Author+ Stored Cross Site Scripting
The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...
CVE-2024-1487 Photos and Files Contest Gallery < 21.3.1 - Author+ Stored Cross Site Scripting
The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...
CVE-2024-1487
The CVE affects the Photos and Files Contest Gallery WordPress plugin prior to 21.3.1. The issue is improper sanitization/escaping of certain parameters, enabling stored Cross-Site Scripting by users with as low as author privileges. Impact is potential script execution in pages leveraged by the ...