CVE-2024-29809
CVE-2024-29809 is a reflected XSS in the Photo Gallery WordPress plugin (referenced by RH CVE) where the image_url parameter in the admin-ajax.php editimage_bwg action is echoed into JavaScript in the response. This requires an authenticated user with access to the component. The Red Hat entry re...