2 matches found
CVE-2024-5724 Photo Video Gallery Master <= 1.5.3 - Authenticated (Contributor+) PHP Object Injection
The Photo Video Gallery Master plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.5.3 via deserialization of untrusted input 'PVGMallphotosdetails' parameter. This makes it possible for authenticated attackers, with Contributor-level access and abov...
WordPress Photo Video Gallery Master Plugin <= 1.5.3 is vulnerable to PHP Object Injection
Software Photo Video Gallery Master Type Plugin Vulnerable versions = 1.5.3 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-5724 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 22871a87af76 Credits Francesco Carlucci Required...