3 matches found
CVE-2024-4035
CVE-2024-4035 is a Stored XSS in the Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery WordPress plugin, affecting all versions up to 2.7.7.21. The root cause is insufficient input sanitization and output escaping in image alt text, enabling authenticated attackers with author-level acc...
CVE-2024-4035 Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery <= 2.7.7.21 - Authenticated (Author+) Cross-Site Scripting
The Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.7.7.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery Plugin <= 2.7.7.21 is vulnerable to Cross Site Scripting (XSS)
Software Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery Type Plugin Vulnerable versions = 2.7.7.21 Fixed in 2.7.7.22 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4035 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership...