3 matches found
CVE-2024-4386
The Gallery Block Meow Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘dataatts’ parameter in versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-4386 Gallery Block (Meow Gallery) <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Gallery Block Meow Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘dataatts’ parameter in versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-4386
CVE-2024-4386 affects the Gallery Block (Meow Gallery) WordPress plugin. The vulnerability is a Stored XSS via the data_atts parameter in versions up to 5.1.3, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher,...