3 matches found
CVE-2024-6262
CVE-2024-6262 affects the WordPress plugin Portfolio Gallery – Image Gallery Plugin. The issue is a Stored Cross-Site Scripting (XSS) vulnerability via the plugin’s PFG shortcode, present in all versions up to and including 1.6.4, caused by insufficient input sanitization and output escaping for ...
CVE-2024-6262 Portfolio Gallery – Image Gallery Plugin <= 1.6.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
The Portfolio Gallery – Image Gallery Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'PFG' shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
WordPress Portfolio Gallery – Image Gallery Plugin Plugin <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Portfolio Gallery – Image Gallery Plugin Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6262 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b1ed057446f2 Credits...