Lucene search
K

5 matches found

Patchstack
Patchstack
added 2024/03/12 12:0 a.m.9 views

WordPress Contest Gallery Plugin < 21.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Contest Gallery Type Plugin Vulnerable versions 21.3.1 Fixed in 21.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1487 Patch priority Low CVSS severity Low 6.5 Developer Wasiliy Strecker PSID 898230946609 Credits Giulio - Mistborn...

6AI score0.00398EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2024/03/11 6:15 p.m.12 views

CVE-2024-1487

The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00398EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/11 5:56 p.m.21 views

CVE-2024-1487 Photos and Files Contest Gallery < 21.3.1 - Author+ Stored Cross Site Scripting

The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...

6.1AI score0.00398EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/03/11 5:56 p.m.21 views

CVE-2024-1487 Photos and Files Contest Gallery < 21.3.1 - Author+ Stored Cross Site Scripting

The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks...

6AI score0.00398EPSS
Exploits1References1
CVE
CVE
added 2024/03/11 5:56 p.m.71 views

CVE-2024-1487

The CVE affects the Photos and Files Contest Gallery WordPress plugin prior to 21.3.1. The issue is improper sanitization/escaping of certain parameters, enabling stored Cross-Site Scripting by users with as low as author privileges. Impact is potential script execution in pages leveraged by the ...

5.4CVSS6AI score0.00398EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder