4 matches found
WordPress Smooth Gallery Replacement plugin <= 1.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Daniel Ruf in WordPress Plugin Smooth Gallery Replacement versions = 1.0...
CVE-2024-8032
The Smooth Gallery Replacement WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-8032 Smooth Gallery Replacement <= 1.0 - CSRF to Stored XSS
The Smooth Gallery Replacement WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-8032
CVE-2024-8032 affects the WordPress plugin Smooth Gallery Replacement (versions up to 1.0). The issue arises from missing CSRF protections and lack of sanitisation/escaping, enabling a logged-in admin to inject a Stored XSS payload via CSRF. The connected patches document notes remediation by upg...